2609 matches found
ICS & SCADA Situational Awareness: Grassmarlin
ICS & SCADA Situational Awareness GRASSMARLIN is an open-source software tool that provides a method for discovering and cataloging Supervisory Control & Data Acquisition SCADA and Industrial Control System ICS hosts on IP-based networks. GRASSMARLIN uses a variety of sources to generate this dat...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite TKDRAWCAD RotateShape Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER StartRichTextEdit Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER SelectShape Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER Multiple Methods Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddBoolUserProperty Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite TKGIS CloneShape Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDIAGRAM InsertShapePoint Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER RotateFromCenter Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddTabShapeEmptyPage Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW MoveShape Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Qualys Cloud Platform 2.27 New Features
This release of the Qualys Cloud Platform version 2.27 includes updates and new features for Cloud Agent and AssetView as follows: Highlights Platform / Cloud Agent API Host Asset Management API – updated to query on and return additional Cloud Agent attributes. The new attribute fields are not...
Kibana Open Redirect Vulnerability
Kibana is an open source data visualization plugin for Elasticsearch. Kibana suffers from an open redirection vulnerability that allows an attacker to craft links that redirect to arbitrary websites...
Reverse Engineering Framework: radare2
Reverse Engineering Framework: radare2 r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later support for analyzin...
Open Source Incident Management & Response Platform: Cyphon
Open Source Incident Management & Response Platform Cyphon is a big data platform that aggregates, standardizes, and enhances data for easier analysis. Many businesses rely on emails to manage alert notifications, which leaves their networks susceptible to overlooked incidents, alert fatigue and...
Heroku Dynos Explained
What are Heroku Dynos? If youve ever hosted an application on Heroku, the popular platform as a service, youre likely at least aware of the existence of "Dynos". But what exactly are Heroku Dynos and why are they important? As explained in Herokus docs, Dynos are simply lightweight Linux containe...
Visual Malware Analysis: ProcDOT
Visual Malware Analysis There are plenty of tools for behavioral malware analysis. The defacto standard ones, though, are Sysinternals’s Process Monitor also known as Procmon and PCAP generating network sniffers like Windump, Tcpdump, Wireshark, and the like. These “two” tools cover almost...
Mimir - OSINT Threat Intel Interface
OSINT Threat Intel Interface - Named after the old Norse God of knowledge. Mimir functions as a CLI to HoneyDB which in short is an OSINT aggragative threat intel pool. Starting the program brings you to a menu the options for which are as follows. 1. Fetch Threat Feed 5. Visualize Top Malicious...
SIEM Security Tools: Four Expensive Misconceptions
Why modern SIEM security solutions can save you from data and cost headaches. If you want to reliably detect attacks across your organization, you need to see all of the activity thats happening on your network. More importantly, that activity needs to be filtered and prioritized by risk -- acros...
OSINT Gathering Tool: Inquisitor
OSINT Gathering Tool Inquisitor is a simple for gathering information on companies and organizations through the use of Open Source Intelligence OSINT sources. The key features of Inquisitor include: 1. The ability to cascade the ownership label of an asset e.g. if a Registrant Name is known to...