Signal is testing usernames so you don’t have to share your phone number

Messaging service Signal is testing support for usernames as a replacement for phone numbers to serve as user identities. Signal provides encrypted instant messaging and is popular among people that value their privacy. Compared to more popular services like WhatsApp, Signal offers more layers of...

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here APT35 aka Magic Hound, an Iranian-backed threat group, has begun using Microsoft Exchange ProxyShell vulnerabilities as an initial attack vector and to execute code through multiple web shells. The group has primarily targeted...

Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)

Shellcode Title: Windows/x64 - Dynamic NoNull Add RDP Admin BOKU:SP3C1ALM0V3 Shellcode 387 Bytes Shellcode Author: Bobby Cooke boku Tested on: Windows 10 v2004 x64 Compiled from: Kali Linux x8664 Full Disclosure: github.com/boku7/x64win-AddRdpAdminShellcode Shellcode Description: 64bit Windows 10...

Patriot-Linux - Host IDS For Desktop Users

Patriot Linux is a HIDS for desktop users who wants real time graphical alerts when something suspicious happens Patriot detect: 1- Suspicious process running 2- New process starting TCP/IP Connection 3- Auditd alerts 4- New keyboards plugged Installation You need to configure Auditd with this...

Google Enables 'Site Isolation' Feature By Default For Chrome Desktop Users

Google has by default enabled a security feature called "Site Isolation" in its web browser with the release of Chrome 67 for all desktop users to help them protect against many online threats, including Spectre and Meltdown attack. Site Isolation is a feature of the Google Chrome web browser tha...

SUSE SLED12 / SLES12 Security Update : libgme (SUSE-SU-2016:3250-1)

This update for libgme fixes the following issues : - CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961: Various issues were fixed in the handling of SPC music files that could have been exploited for gaining privileges of desktop users. bsc1015941 Note that Tenable Networ...

HP Client 9.19.08.17.9 - Command Injection

HP Client 9.19.08.17.9 - Command Injection Exploit Title: HP Client - Automation Command Injection Date: 10/10/2016 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vendor Homepage: Previosuly HP, now http://www.persistentsys.com/ Version: Tested on version 7.9 but should work on 8.1, 9.0, 9.1...

Koler Android Ransomware Infrastructure Complex and Agile

While the Koler ransomware may be a simplistic money-generating malware scam, the infrastructure standing up its campaigns is anything but. Researchers at Kaspersky Lab published a report today that not only explained details of how the attackers—possibly the group behind the Reveton...

Fedora 12 Critics Upset Over Install Rights' Changes

Under Fedora 12, users are able to install software from repositories without being prompted for root password. The undocumented change in Fedora 12 has caused consternation amongst Fedora users. The change is part of PolicyKit’s policy for desktop users and was made to make the system easier for...