26 matches found
FakeUpdates Malware Campaign Targets WordPress – Millions of Sites at Risk
By Waqas The February 2024 Global Threat Index report released by Check Point Software Technologies Ltd. exposes the alarming vulnerability of cybersecurity worldwide. This is a post from HackRead.com Read the original post: FakeUpdates Malware Campaign Targets WordPress - Millions of Sites at Ri...
ShowStopper - Anti-Debug tricks exploration tool
The ShowStopper project is a tool to help malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods. With this tool, you can attach a debugger to its process and research the debugger’s behavior for the...
DJI Patches Forum Bug That Allowed Drone Account Takeovers
Leading commercial drone maker DJI patched a cross-site scripting bug impacting its forums that could have allowed a hacker to hijack user accounts and gain access to sensitive online data, ranging from flight images, bank card data, flight records and even real time camera images. The...
Critical Out-of-Band Patch Issued for Adobe Acrobat Reader
Adobe released patches for seven flaws in an unscheduled update for its Acrobat Reader and DC product, which could lead to arbitrary code execution. The patches, released Wednesday, come one week after Adobe’s regularly-scheduled September update. The flaws addressed include one “critical”...
Schneider Electric Magelis HMI Resource Consumption Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-308-02A Schneider Electric Magelis HMI Resource Consumption Vulnerabilities that was published November 22, 2016, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of a public report of resource consumption...
Jkanime Site Infected, Redirecting to Exploit Kit, Ransomware
An anime site popular in Mexico and South America was this week infected with malware redirecting visitors to a Neutrino Exploit Kit landing page. The site, Jkanime, streams anime video and has 33 million monthly visitors. Neutrino is currently the top dog among exploit kits after two of the bigg...
Nuclear, Angler Exploit Kit Activity Has Disappeared
Criminal hackers are fickle about their attack vectors. You need to look no further for evidence of this than their constant migration from one exploit kit to another. And while there is an expansive menu of exploit kits, attackers do seem to congregate around a precious few. Researchers who stud...
Debian DSA-3183-1 : movabletype-opensource - security update
Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...
Debian Security Advisory DSA 3183-1 (movabletype-opensource - security update)
Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...
Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability
Overview A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances. Description CWE-122: Heap-based Buffer Overflow From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an...
GhostScript PostScript File Stack Overflow Exploit
No description provided by source. Check Point Software Technologies - Vulnerability Discovery Team VDT Rodrigo Rubira Branco - rbranco noSPAM checkpoint.com GhostScript Stack Overflow bsd/x86/shellbindtcp - 214 bytes http://www.metasploit.com Encoder: x86/alphaupper AppendExit=false,...
MediaWiki Remote Code Execution vulnerability leaves Wikipedia open for Cyber attacks
The Encyclopedia giant WIKIPEDIA has been found vulnerable to remote code execution because of a critical flaw in the MediaWiki software. Wikipedia is a name which has become a major source of information for all of us. It has webpages on almost every topic you need to search. This giant is power...
Radius Manager Cross Site Scripting
Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Radius Manager Multiple Cross Site Scripting Issues CVE-2010-4275 INTRODUCTION Radius Manager is a centralized way for administration of Mikrotik, Cisco, Chillispot and StarOS routers and...
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities
Radius Manager 3.8.0 - Multiple Cross-Site Scripting Vulnerabilities Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Radius Manager Multiple Cross Site Scripting Issues CVE-2010-4275 INTRODUCTION Radius Manager is a centralized way for...
Apple Directory Services - Memory Corruption
Apple Directory Services - Memory Corruption Apple Directory Services Memory Corruption CVE-2010-1840 INTRODUCTION chfn, chpass and chsh dos not properly parse authname switch "-u", which causes the applications to crash when parsing a long string. Those binaries are setuid root by default. This...
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4086
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file...
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4089
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file...
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4087
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file mma...
cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ cforms WordPress Plugin Cross Site Scripting Vulnerability CVE-2010-3977...
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2882
I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2010-2882...