Lucene search
K

164 matches found

ThreatPost
ThreatPost
added 2016/11/22 8:57 a.m.10 views

DoD Publishes Vulnerability Disclosure Policy

The Department of Defense promised upon the inception of the Hack the Pentagon bug bounty program that it would continue to engage white-hats. Hack the Pentagon set the tone with more than 1,400 participants and 138 vulnerabilities resolved during the 24-day trial during the spring. Two weeks ago...

7AI score
Exploits0References7
Hacker One
Hacker One
added 2016/11/22 5:34 a.m.23 views

U.S. Dept Of Defense: Reflected cross-site scripting vulnerability on a DoD website

A cross-site scripting XSS vulnerability was found on a Department of Defense. XSS vulnerabilities can be used to trick a web user into executing a malicious script, potentially revealing a user's web session information or modify web content. @konduru-jashwanth able to demonstrate this...

0.6AI score
Exploits0
Hacker One
Hacker One
added 2016/11/21 11:46 p.m.13 views

U.S. Dept Of Defense: Stored cross-site scripting (XSS) on a DoD website

A stored cross-site scripting vulnerability was found on a Department of Defense website which may trick a web user into executing a malicious script, potentially revealing a user's web session information or modify web content. @jonbottarini was able to demonstrate this vulnerability by crafting...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2016/03/03 1:18 a.m.9 views

Hack the Pentagon — US Government Challenges Hackers to Break its Security

Update: 'Hack The Pentagon' has opened registration for its pilot bug bounty program of $150,000 for hackers in return for the vulnerabilities they find in its public facing websites. The Defense Department has enlisted the bug bounty startup HackerOne to manage the pilot program. Interested...

6.8AI score
Exploits0
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2015/12/10 3:33 p.m.19 views

Domain Creep? Maybe Not.

I just read a very interesting article by Sydney Freedberg titled DoD CIO Says Spectrum May Become Warfighting Domain. That basically summarizes what you need to know, but here's a bit more from the article: Pentagon officials are drafting new policy that would officially recognize the...

6.6AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Liquid XML Studio 2010 <= 8.061970 - (LtXmlComHelp8.dll) OpenFile() Remote 0day Overflow Exploit

No description provided by source. html !-- |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | |...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

VideoScript <= 4.0.1.50 Admin Change Password Exploit

No description provided by source. ?php / ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...

7.1AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2014/04/03 11:36 a.m.12 views

DoD DIACAP transition to RMF approved

Welcome DIARMF! This has been a long time coming. From DITSCAP to DIACAP and now to DIARMF the Department of Defense approved the transition to a Risk Management Framework RMF approach developed by NIST on March 12. What does this mean for Information Systems and Platform Information Technology...

1.9AI score
Exploits0
ThreatPost
ThreatPost
added 2013/05/06 4:29 p.m.9 views

Pentagon Approves Samsung KNOX Android Platform for DoD

Android has long been the outcast of mobile device security largely because hackers have been adept at getting malware onto the platform via third-party application marketplaces and lax submission policies on Google Play. The security of the operating system itself, however, hasn’t been challenge...

7.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/04/02 2:35 p.m.6 views

DoD Inspector General Calls Out Army CIO For Poor Mobile Device Security

The CIO of the U.S. Army failed to put in place a comprehensive security program capable of protecting data stored on commercial mobile devices such as iPhones and Androids, leaving sensitive information in key Army installations exposed. The Inspector General of the Department of Defense took th...

0.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/05/14 6:37 p.m.11 views

DoD Program Expanded, Designed to Share Threat Information

The Pentagon on Friday invited a slew of government contractors to meet and share classified information on cyber threats going forward, part of an initiative that the department hopes will reduce the risk of intrusions to government systems. The information sharing model that the Department of...

0.5AI score
Exploits0References5
ThreatPost
ThreatPost
added 2012/01/13 4:51 a.m.8 views

Researchers Find Sykipot Trojan Variant For Hijacking DoD Smart Cards

A report from Alien Vault says that variants of the Sykipot Trojan have been found that can steal DOD smartcard credentials. The research, published in a blog post Thursday, is the latest by Alien Vault to look at Sykipot, a Trojan horse program known to be used in targeted attacks against defens...

2AI score
Exploits0References3
The Hacker News
The Hacker News
added 2011/12/08 5:57 a.m.5 views

Charlie Miller now working with DoD for Cyber Security

Charlie Miller is a former hacker who has become an information security consultant now working with Department of Defense DoD for helping out with cyber security. He was invited to the conference on cyber conflict held by the NATO Cooperative Cyber Defense Center of Excellence in Tallinn, where ...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2011/12/08 5:57 a.m.7 views

Charlie Miller now working with DoD for Cyber Security

Charlie Miller is a former hacker who has become an information security consultant now working with Department of Defense DoD for helping out with cyber security. He was invited to the conference on cyber conflict held by the NATO Cooperative Cyber Defense Center of Excellence in Tallinn, where ...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/07/15 6:18 a.m.4 views

Pentagon Admits to biggest ever data breach

Pentagon Admits to biggest ever data breach According to Report, Department of Defense and Pentagon is disclosing news of the one of the largest data loss events to date . From investigation, officials to believe the intrusion was orchestrated by a foreign government. The theft of around 24,000...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/01/05 6:5 p.m.18 views

Xiaodong Sheldon Meng (Quantum3D)

Meng was a 44 year-old software engineer living in Cupertino, California when, in 2008, he became the first person sentenced for a violation of the U.S.’s Economic Epionage Act of 1996. Meng had worked as an engineer for Quantum3D, a defense contractor that makes visual simulation software used f...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2010/04/20 6:37 p.m.10 views

Top 20 'Critical Controls' from SANS Institute

The SANS Institute has released critical security controls for cyber defense agreed to by a consortium of agencies including: “NSA, US Cert, DoD, DoD JTF-GNO, the Department of Energy Nuclear Laboratories, Department of State, DoD Cyber Crime Center plus the top commercial forensics experts and p...

1.6AI score
Exploits0References1
0day.today
0day.today
added 2010/03/15 12:0 a.m.33 views

Liquid XML Studio 2010 <= v8.061970 - OpenFile() Remote Heap Overflow

Exploit for unknown platform in category remote exploits ====================================================================================================== Liquid XML Studio 2010 !-- |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / /...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/03/15 12:0 a.m.24 views

Liquid XML Studio 2010 Heap Overflow

!-- |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | | http://www.corelan.be:8800 | | [email protected] | | |...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2010/03/15 12:0 a.m.40 views

Liquid XML Studio 2010 8.061970 - LtXmlComHelp8.dll OpenFile() Remote Overflow

Liquid XML Studio 2010 8.061970 - LtXmlComHelp8.dll OpenFile Remote Overflow !-- |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | |...

0.3AI score
Exploits0
Rows per page
Query Builder