RSA Conference 2019: The Sky's the Limit For Satellite Hacks

SAN FRANCISCO – The satellites orbiting the world are rife with vulnerabilities – and as more satellites go up, and antenna equipment becomes cheaper, they are becoming a lucrative target for threat actors back on earth, according to researchers. William Malik, vice president of infrastructure...

Trust Issues: Exploiting TrustZone TEEs

Posted by Gal Beniamini, Project Zero Mobile devices are becoming an increasingly privacy-sensitive platform. Nowadays, devices process a wide range of personal and private information of a sensitive nature, such as biometric identifiers, payment data and cryptographic keys. Additionally, modern...

Nextcloud: Design Issues on ( ███ ) Lead to show ( IPS of Users )

Hello , I know this Domain is maybe out of scope But it Connected to the main Website I have see it Cashable the Download IPS for Users Status. As I saw that You active statics awstats That show me Full access to Status on the website . POC...

Radancy: Information disclosure through directory listing at http://dockerhost01.maximum.nl:8080

Hello! Description: Information disclosure through enabled directory listing. Links as poc: http://dockerhost01.maximum.nl:8080 http://dockerhost01.maximum.nl:8080/logs/ See pic 1 2 3 The unauthenticated user can get some juicy info about internal infrastructure, docker containers, logs, tokens a...

LinkedIn Private Bug Bounty Program Goes Public

Public-facing bug bounties are the shiny new bauble of computer security. And with good reason since in most cases, companies that start their own bounties or go through a third-party platform provider are able to take advantage of a pool of skilled contributors, patch products, and improve...

Multiple G-WAN vulnerabilities

======================================================================== Title: Multiple G-WAN vulnerabilities Product: G-WAN http://gwan.com/ Author: Fredrik Widlund E-mail: fredrik.widlund at gmail dot com Date: 2011-10-12 ========================================================================...

ActiveX security leaks in the TV owned web game platform

There is a security problem within the architecture / design issues of the BlooMooWeb ActiveX control. BlooMooWeb is an internet game platform for kids, popular mainly in Poland. It has been provided for the TV programme "Krolestwo Maciusia" "The Kingdom of Macius" broadcast in TVP1 - first chann...

CVE-2005-4582

CVE-2005-4582 affects Electric Sheep 2.6.3, where the client does not require authentication or integrity checks from the server. This can allow remote attackers to download and display arbitrary MPEG movie files via DNS spoofing, a URL on the command line, or a URL in the configuration file. The...

Various problems in Ternd Micro AppletTrap URL filtering

Monday 9 July 2001 eDvice Security Services Advisory - Various problems in Trend Micro AppletTrap URL filtering Product Background ------------------ Trend Micro AppletTrap is a product for blocking malicious Java applets, malicious JavaScript and unsecured ActiveX controls at the gateway. The...