The vulnerability of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series, WDR-3124A Series, microprogrammed software in Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series lies in the use of rigidly encrypted account data, which allows attackers to escalate their privileges.

The vulnerability of microprogrammed software in industrial modems of the OnCell G3470A-LTE Series, WDR-3124A Series, microprogrammed software in Wi-Fi routers of the TAP-323 Series, WAC-1001 Series, and WAC-2004 Series is related to the use of rigidly encrypted login credentials. Exploiting this...

New SideWalk Backdoor Targets U.S.-based Computer Retail Business

A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a Chinese advanced persistent threat group primarily known for singling out entities in East and Southeast Asia. Slovak cybersecurity firm ESE...

CVE-2021-30998

A S/MIME issue existed in the handling of encrypted email. This issue was addressed with improved selection of the encryption certificate. This issue is fixed in iOS 15.2 and iPadOS 15.2. A sender's email address may be leaked when sending an S/MIME encrypted email using a certificate with more...

CVE-2021-30997

A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail...

CVE-2021-30998

A S/MIME issue existed in the handling of encrypted email. This issue was addressed with improved selection of the encryption certificate. This issue is fixed in iOS 15.2 and iPadOS 15.2. A sender's email address may be leaked when sending an S/MIME encrypted email using a certificate with more...

PT-2021-19035 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.2 iPadOS versions prior to 15.2 Description: A S/MIME issue existed in the handling of encrypted email, which was addressed with improved selection of the encryption certificate. This issue may cause a sender's email...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS and Apple iPadOS that stems from an S/MIME issue when handling...

Apple iOS和Apple iPadOS 信任管理问题漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS and Apple iPadOS that stems from an S/MIME issue when handling...

Session fixation

An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session...

Smartertools SmarterTools SmarterMail 命令注入漏洞

Smartertools SmarterTools SmarterMail is a set of mail server software from SmarterTools Smartertools, USA. The program supports spam filtering, statistics, simple mail transfer protocol SMTP authentication and other features. SmarterTools SmarterMail suffers from a security vulnerability that...

PickleC2 - A Post-Exploitation And Lateral Movements Framework

PickleC2 is a post-exploitation and lateral movements framework. Documentation ReadTheDocs Overview PickleC2 is a simple C2 framework written in python3 used to help the community in Penetration Testers in their red teaming engagements. PickleC2 has the ability to import your own PowerShell modul...

Bantam - A PHP Backdoor Management And Generation tool/C2 Featuring End To End Encrypted Payload Streaming Designed To Bypass WAF, IDS, SIEM Systems

An advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation tool. Features end to end encryption with request unique encryption keys, and payload streaming designed to bypass WAF, IDS, SIEM systems...

VPN Test: How to check if your VPN is working or not

The primary function of a Virtual Private Network VPN is to enhance your online privacy and security. It should do this without slowing your Internet too noticeably. Performing a VPN test or two can help you ensure that its up to the mark. VPN privacy test Your Internet Service Provider ISP assig...

Wsh - Web Shell Generator And Command Line Interface

wsh pronounced woosh is a web shell generator and command line interface. This started off as just an http client since interacting with webshells is a pain. There's a form, to send a command you have to type in an input box and press a button. I wanted something that fits into my workflow better...

August 10, 2021—KB5005089 (Security-only update)

August 10, 2021—KB5005089 Security-only update Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

August 10, 2021—KB5005031 (OS Build 18363.1734)

August 10, 2021—KB5005031 OS Build 18363.1734 EXPIRATION NOTICE As of 9/12/2023, KB5005031 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quali...

CVE-2021-37546

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used...

CVE-2021-37546

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used...

Code injection

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used...

CVE-2021-37546

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used...