71 matches found
Siemens syngo Dynamics 代码问题漏洞
Siemens syngo Dynamics is a cardiovascular imaging and information solution from Siemens, Germany. Designed to be a centralized digital hub for complete cardiovascular services, Siemens syngo Dynamics is vulnerable to server-side request forgery, which can be exploited by attackers to cause NTLM ...
Prilex: the pricey prickle credit card complex
Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. The group was behind one of the largest attacks on ATMs in the country, infecting and jackpotting more than 1,000 machines, while also cloning in excess of 28,000 credit cards that...
Adobe Acrobat Reader Dc 信息泄露漏洞
Adobe Acrobat is a set of PDF file editing and conversion tools from the U.S. Adobe Acrobat Reader DC ActiveX space is vulnerable to information disclosure, which stems from errors in the configuration of the network system or product during operation. An unauthenticated attacker could exploit th...
DonPAPI - Dumping DPAPI Credz Remotely
Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key protecting TaskScheduled blob...
Cisco Webex Teams代码问题漏洞
Cisco Webex Teams is a software for team collaboration from Cisco USA. The software provides online communication for teams with features such as shared files, digital whiteboards, and video conferencing. A code issue vulnerability exists in multiple Cisco products, which is caused by incorrect...
Netop Vision 安全漏洞
Netop Vision is an application from the Danish company Netop. It provides a classroom management software. A security vulnerability exists in Netop Vision Pro up to and including 9.7.1, which arises from a plaintext transfer of sensitive information allowing remote unauthenticated collection of...
CVE-2020-8355
An internal product security audit of Lenovo XClarity Administrator LXCA prior to version 3.1.0 discovered the Windows OS credentials provided by the LXCA user to perform driver updates of managed systems may be captured in the First Failure Data Capture FFDC service log if the service log is...
Lenovo Lenovo XClarity Administrator Information Disclosure Vulnerability
Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The product provides agentless hardware management for servers, storage, network switches, and more. An information disclosure vulnerability exists in Lenovo XClarity Administrator, which stems fr...
Lockphish - The First Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode
Lockphish it's the first tool 07/04/2020 for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link. LockPhish Tutorial:https://www.kalilinux.in/2020/05/lockphish.html Author: The Linux Choice Who deleted his GitHub repository...
CVE-2019-3588 Using VSE to bypass Windows Credentials on Lock screen
Privilege Escalation vulnerability in Microsoft Windows client McTray.exe in McAfee VirusScan Enterprise VSE 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked...
Steganography Anchors Pinpoint Attacks on Industrial Targets
A targeted series of attacks on suppliers of equipment and software for industrial enterprises is playing out globally, researchers said, hinging on phishing and a steganography tactic to hide malware on public, legitimate image resources. According to Kaspersky ICS CERT, the attacks seem bent on...
HiveJack - This Tool Can Be Used During Internal Penetration Testing To Dump Windows Credentials From An Already-Compromised Host
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM registry hives and once copied to the attacker machines provides an option to delete these files to clear the trace. Often, this i...
Lenovo XClarity Administrator Information Disclosure Vulnerability (CNVD-2020-19571)
Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The product is capable of providing agentless hardware management for servers, storage, network switches, and more. A security vulnerability exists in Lenovo LXCA version 2.6.0, which originated...
CVE-2019-19756
An internal product security audit of Lenovo XClarity Administrator LXCA discovered Windows OS credentials, used to perform driver updates of managed systems, being written to a log file in clear text. This only affects LXCA version 2.6.0 when performing a Windows driver update. Affected logs are...
Default credentials
An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092MR2. Upon an upgrade, if a custom service account is in use and the visitor management service is installed, the Windows username and password for this service are logged in cleartext to the Commandcentre.log file...
CVE-2019-15294
Gallagher Command Centre 8.10 before 8.10.1092(MR2) is affected. If, during an upgrade, a custom service account is in use and the visitor management service is installed, the Windows username and password for that service are logged in cleartext to the Command_centre.log file. This constitutes a...
LaZagneForensic - Decrypt Windows Credentials From Another Host
LaZagne uses an internal Windows API called CryptUnprotectData to decrypt user passwords. This API should be called on the victim user session, otherwise, it does not work. If the computer has not been started when the analysis is realized on an offline mounted disk, or if we do not want to drop ...
Patched Flash Player Sandbox Escape Leaked Windows Credentials
One of the patches included in Tuesday’s Adobe Flash Player update was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue. Dutch researcher Bjorn Ruytenberg disclosed details after Adobe updated the...
CA Arcserve D2D - GWT RPC Credential Information Disclosure (Metasploit)
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'CA Arcserve D2D GWT RPC Credential Information Disclosure', 'Descriptio...
CVE-2016-6034
IBM Tivoli Storage Manager for Virtual Environments VMware could disclose the Windows domain credentials to a user with a high level of privileges...