RIG exploit kit campaign gets deep into crypto craze
There isn't a day that goes by without a headline about yet another massive spike in Bitcoin valuation, or a story about someone mortgaging their house to purchase the hardware required to become a serious cryptocurrency miner. If many folks are thinking about joining the 'crypto craze' movement,...
Forever 21 Says PoS Systems Exposed Customer Data for 8 Months
Fashion retailer Forever 21 confirmed a breach made public in November resulted in the theft of credit card data belonging to an undisclosed number of customers. The company had stated that a lack of encryption used on some of its point-of-sales payment terminals could have resulted in unauthoriz...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2017-936)
It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. CVE-2017-10198 Vulnerabilit...
Security Flaw Left Major Banking Apps Vulnerable to MiTM Attacks Over SSL
A team of security researchers has discovered a critical implementation flaw in major mobile banking applications that left banking credentials of millions of users vulnerable to hackers. The vulnerability was discovered by researchers of the Security and Privacy Group at the University of...
RedHat Update for java-1.7.0-openjdk RHSA-2017:3392-01
The remote host is missing an update for the...
Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Remote Code Execution
Vulnerability Summary: The following advisory describes a buffer overflow that leads to remote code execution found in Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 / 3.03p2-1146. Dasan Networks GPON ONT WiFi Router “is indoor type ONT dedicated for FTTH Fibre to the...
SUSE SLES12 Security Update : openssl (SUSE-SU-2017:2981-1)
This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: Malformed X.509 IPAddressFamily could cause OOB read (bsc#1056058) - adjust DEFAULT_SUSE to meet 1.0.2 and current state (bsc#1027908) - out of bounds read+crash in DES_fcrypt (bsc#1065363) - DEFAULT_SUSE cipher list ...
DumpsterFire Toolset: Security Incidents In A Box
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support a...
ALPINE-CVE-2017-14032
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL...
OpenJDK: incorrect enforcement of certificate path restrictions (Security, 8179998)
It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms...
FIN7 Evolution and the Phishing LNK
FIN7 is a financially-motivated threat group that has been associated with malicious operations dating back to late 2015. FIN7 is referred to by many vendors as “Carbanak Group”, although we do not equate all usage of the CARBANAK backdoor with FIN7. FireEye recently observed a FIN7 spear phishin...
Google Chrome < 58.0.3029.81 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 58.0.3029.81. It is, therefore, affected by multiple vulnerabilities as referenced in the 201704stable-channel-update-for-desktop advisory. - Incorrect handling of DOM changes in Blink in Google Chrome prior to...
Sony Playstation 4 (PS4) 3.50 4.07 - WebKit Code Execution (PoC)
PS4 4.0x Code Execution: This repo is my edit of the 4.0x webkit exploit released by qwertyoruiopz. The edit re-organizes, comments, and adds portability across 3.50 - 4.07 (3.50, 3.55, 3.70, 4.00, and of course 4.06/4.07...
Sony Playstation 4 (PS4) 3.50 < 4.07 - WebKit Code Execution (PoC)
PS4 4.0x Code Execution: This repo is my edit of the 4.0x webkit exploit released by qwertyoruiopz. The edit re-organizes, comments, and adds portability across 3.50 - 4.07 (3.50, 3.55, 3.70, 4.00, and of course 4.06/4.07). The commenting and reorganization was mostly for my own...
Hash Collision Attacks
jackson-core-asl is vulnerable to hash collision attacks. The sanity checks added to prevent hash collisions will fail with too long collision chains...
Fedora 25 : ca-certificates (2016-d1408c3ba3)
This is an update to the Mozilla CA certificates list version 2.9, which has been published as part of Mozilla NSS 3.26. This update reverts the CA list to the unmodified upstream CA list. The legacy CA modifications, which had previously been shipped with Fedora, have been reverted to an empty...
OWASP SSL TLS Scanning : DeepViolet
DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API. If you want to see what DeepViolet can do, use it from the command line in your scripts or use the graphical tool from the comfo...
Vera Bradley Retail Chain Breached
Retailer Vera Bradley warned customers on Wednesday of a compromise of its point-of-sale system that allowed hackers to make off with an undisclosed number of credit card records. The breach impacts only retail customers who shopped at one of 159 Vera Bradley locations between July 25 and Sept. 2...
kernel: netfilter: missing bounds check in ipt_entry structure
A security flaw was found in the Linux kernel in the mark_source_chains function in "net/ipv4/netfilter/ip_tables.c". It is possible for a user-supplied "ipt_entry" structure to have a large "next_offset" field. This field is not bounds checked prior to writing to a counter value at the supplied offse...