27 matches found
MemGuard - Secure Software Enclave For Storage Of Sensitive Information In Memory
Secure software enclave for storage of sensitive information in memory. This package attempts to reduce the likelihood of sensitive data being exposed. It supports all major operating systems and is written in pure Go. Features Sensitive data is encrypted and authenticated in memory using xSalsa2...
In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass
ARCHIVED STORY In NTDLL I Trust – Process Reimaging and Endpoint Security Solution Bypass By Eoin Carroll · June 20, 2019 Process Reimaging Overview The Windows Operating System has inconsistencies in how it determines process image FILEOBJECT locations, which impacts non-EDR Endpoint Detection a...
XSLeaks attack analysis-HTTP caching and cross-site leakage-vulnerability warning-the black bar safety net
0x1 XSSearch past lives This attack is the earliest can be dated back to 10 years agoi.e. 2009, one named Chris Evans, security personnel describes one of the Yahoo attack: Chris use a malicious web site to search for the site visitor's e-mail Inbox, and he by constructing different keywords mann...
Selfrando Technique Mitigates Attacks Unmasking Tor Users
The FBI’s apparent capability to unmask users of the Tor Network has caused hand-wringing among those concerned with privacy and civil liberties, many of whom are busy trying to win legal battles to get law enforcement to confess as to how they’re doing it. A team of academics and researchers,...
CVE-2010-1679
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package...
FlexCMS 2.5 - 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30709/info FlexCMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Updating IPS Blade with the Latest Dynamic Protections
IPS dynamic updates are available to customers who have purchased the IPS subscription service. Customers with valid subscription license can choose the attacks to defend against, read detailed information about the attack, configure parameters for each attack defense, including logging options,...