941 matches found
ysoserial
This is a Java tool called ysoserial, which generates payloads that exploit unsafe Java object deserialization. The tool is designed to create gadgets that can be used to execute arbitrary code on a Java application that performs unsafe deserialization. The tool takes a user-specified command and...
ysoserial
This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...
Privilege Escalation
openssl is vulnerable to privilege escalation. The vulnerability exists due to an error in the implementation of a check to disallow certificates in certificate chains...
CVE-2021-1721
A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...
dotnet: certificate chain building recursion Denial of Service
A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...
dotnet: certificate chain building recursion Denial of Service
A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...
dotnet: certificate chain building recursion Denial of Service
A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...
dotnet: certificate chain building recursion Denial of Service
A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability...
WestRock Ransomware Attack Hinders Packaging Production
WestRock – the second-largest packaging company in the U.S. – continues to restore its systems, two weeks after it discovered it was the victim of a ransomware attack. WestRock, which has more than 320 manufacturing facilities globally, creates packaging supplies for a bevy of high-profile client...
How Grinch Buying Bots Took the Gaming Hardware Market Hostage
In video games jargon, the phrase “Console Wars" refers to the fierce competition between hardware manufacturers for market share. It turns out, however, that the only war going on at the moment is for acquiring a console. And thus far, Grinch Bots are winning. Video Games’ Popularity Is Peaking...
New iMessage Security Features
Apple has added added security features to mitigate the risk of zero-click iMessage attacks. Apple did not document the changes but Groß said he fiddled around with the newest iOS 14 and found that Apple shipped a "significant refactoring of iMessage processing" that severely cripples the usual...
Linux: Get iptables and ip6tables (KB)
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Several different tables may be defined. Each table contains a number of built-in chains and may also contain user-defined chains. Ip6tables is used to set up, maintain, and inspect the...
EDR in block mode stops IcedID cold
We are happy to announce the general availability of endpoint detection and response EDR in block mode in Microsoft Defender for Endpoint. EDR in block mode turns EDR detections into real-time blocking of malicious behaviors, malware, and artifacts. It uses Microsoft Defender for Endpoint’s...
DEBIAN-CVE-2020-29529
HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0...
What did DeathStalker hide between two ferns?
DeathStalker is a threat actor thats been active since at least 2012, and we exposed most of their past activities in a previous article, as well as during a GREAT Ideas conference in August 2020. The actor drew our attention in 2018 because of distinctive attack characteristics that didnt fit in...
Malware Families Turn to Legit Pastebin-Like Service
Cybercriminals are increasingly turning to a legitimate, Pastebin-like web service for downloading malware — such as AgentTesla and LimeRAT — in spear-phishing attacks. Pastebin, a code-hosting service that enables users to share plain text through public posts called “pastes,” currently has 17...
Researchers Uncover Cyber Espionage Operation Aimed At Indian Army
Cybersecurity researchers uncovered fresh evidence of an ongoing cyberespionage campaign against Indian defense units and armed forces personnel at least since 2019 with an aim to steal sensitive information. Dubbed "Operation SideCopy " by Indian cybersecurity firm Quick Heal, the attacks have...
Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145)
There was an easily exploitable uncontrolled memory resource consumption denial-of-service vulnerability that existed in the peer-to-peer network code of three implementations of Bitcoin and several alternative chains. For more details please see: https://invdos.net/ For the paper:...
GHSA-HX3R-JV9Q-85JW Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145)
There was an easily exploitable uncontrolled memory resource consumption denial-of-service vulnerability that existed in the peer-to-peer network code of three implementations of Bitcoin and several alternative chains. For more details please see: https://invdos.net/ For the paper:...
CVE-2020-1911
A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only...