MB Connect Line mbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 is a remote service portal developed by the German company MB Connect Line. This product supports features such as remote access, data recording, and alarm notifications. MB Connect Line mbCONNECT24 has a SQL injection vulnerability, which stems from improper handling ...

Intel One Boot Flash Utility Security Vulnerability

The Intel One Boot Flash Utility is an Intel Corporation program for updating a system's BIOS, BMC, Sensor Data Recording SDR, Field-Replaceable Unit FRU, and Intel® Management Engine Intel® ME. Programs for the Intel® Management Engine Intel® ME. A security vulnerability exists in the Intel One...

[SECURITY] Fedora 37 Update: rust-below-0.6.3-4.fc37

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

SUSE CVE-2010-1764

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, follows multiple redirections during form submission, which allows remote web servers to obtain sensitive information by recording the form data...

CVE-2021-38505

The Mozilla Foundation Security Advisory describes this flaw as: Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wis...

Mozilla Thunderbird < 91.3

The version of Thunderbird installed on the remote Windows host is prior to 91.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-50 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions...

Mozilla Firefox ESR < 91.3

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 91.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-49 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass...

To pay, or not to pay? That is the VPN question

VPNs have been a subject of deliberation for a long time. Is it even important to use one? I think the pandemic has made it clear that, yes, using a VPN is useful, even necessary, most especially for those working remotely. But should you pay for it? Or would you rather settle for free? Were goin...

Excerpts From: Do More with Less—How Endpoint Security in the Cloud is Helping Companies Stay Secure

If you're responsible for security at your company, you know that you're held back by things like limited budgets, a lack of skilled personnel, and too many security products complicating your stack. In Carbon Black’s recent webinar, we discussed how endpoint security in the cloud can simplify yo...

No Data Recorded on NetScaler MAS Analytics

No data recorded on NetScaler MAS analytics...

IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems

In the latter half of 2015, the FireEye Labs Advanced Reverse Engineering FLARE team identified several versions of an ICS-focused malware crafted to manipulate a specific industrial process running within a simulated Siemens control system environment. We named this family of malware IRONGATE...

Network Protocol Fuzzing: boofuzz

Boofuzz is a fork of and the successor to the Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility, with the eventual goal of being able to fuzz literally anything. Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance...