1162 matches found
ImpulsiveDLLHijack - C# Based Tool Which Automates The Process Of Discovering And Exploiting DLL Hijacks In Target Binaries
C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during RedTeam Operations to evade EDRs. 1. Methodological Approach: The tool basically acts on automating following stages performed for...
PT-2021-4685 · Microsoft · Console Window Host +1
Name of the Vulnerable Software and Affected Versions: Console Window Host affected versions not specified Description: The issue is related to errors in security settings of the Console Window Host component in Microsoft Windows operating systems. This allows an attacker to bypass security...
NSA, CISA Release Guidelines to Secure VPNs
By Deeba Ahmed. The NSA and CISA have published guidelines to secure virtual private networks (VPNs) as threat actors have been exploiting VPN vulnerabilities. This is a post from HackRead.com. Read the original post: NSA, CISA Release Guidelines to Secure VPNs...
A New APT Hacker Group Spying On Hotels and Governments Worldwide
A new advanced persistent threat (APT) has been behind a string of attacks against hotels across the world, along with governments, international organizations, engineering companies, and law firms. Slovak cybersecurity firm ESET codenamed the cyber espionage group FamousSparrow, which it said has...
Metasploit Wrap-Up
Vulnerability is in the eye of the beholder Exploiting firmware authored by UDP Technology and provided to multiple large OEMs including Geutebruck, community contributor TrGFxX has authored a neat module that allows RCE as root on machines running the web interface of the Geutebruck G-Cam and...
A week in security (Sept 13 – Sept 19)
Last week on Malwarebytes Labs Why backups aren’t a “silver bullet” against ransomware, with Matt Crape: Lock and Code S02E17 The many tentacles of Magecart Group 8 Apple releases emergency update: Patch, but don’t panic Update now! Google Chrome fixes two in-the-wild zero-days Parts of the Dark...
Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances
Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been weaponized by a malicious actor "to access other customers' information" in what the researchers described as the "first cross-account container takeover in the public...
Design/Logic Flaw
Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded...
Black Hat: Bugs Allow Takeover of Capsule Hotel Rooms
LAS VEGAS – A series of vulnerabilities in internet of things (IoT) devices often found in connected hotel rooms allowed a researcher to take control of multiple rooms’ amenities – and punish a loud neighbor. An inadvertent bug hunt began when Kya Supa, security consultant at LEXFO, was traveling...
CVE-2020-29499
Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiti...
DarkSide Ransomware
DarkSide ransomware is a relatively new ransomware strain that threat actors have been using to target multiple large, high-revenue organizations resulting in the encryption and theft of sensitive data and threats to make it publicly available if the ransom demand is not paid. Because of its...
GeoDirectory Location Manager < 2.1.0.10 - Multiple Unauthenticated SQL Injections
In the plugin, the AJAX action gdpopularlocationlist did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues. The prerequisite to exploiting this vulnerability is finding a page on the vulnerable si...
Hackers Actively Exploiting 0-Day in WordPress Plugin Installed on Over 17,000 Sites
Fancy Product Designer, a WordPress plugin installed on over 17,000 sites, has been discovered to contain a critical file upload vulnerability that's being actively exploited in the wild to upload malware onto sites that have the plugin installed. Wordfence's threat intelligence team, which...
Baserunner - A Tool For Exploring Firebase Datastores
A tool for exploring and exploiting Firebase datastores. Set up 1. git clone https://github.com/iosiro/baserunner.git 2. cd baserunner 3. npm install 4. npm run build 5. npm start 6. Go to http://localhost:3000 in your browser. Usage The Baserunner interface looks like this: First, use the...
Adobe Acrobat Reader DC out-of-bounds write vulnerability
Adobe Acrobat Reader is a PDF viewer. The software is used to print, sign and annotate PDFs. Adobe Acrobat Reader DC is vulnerable to an out-of-bounds write vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the current user...
Valve: Buffer overrun in Steam SILK voice decoder
Vulnerability The SteamWorks SDK has a function available named DecompressVoice, which takes as input some compressed voice data, and returns the raw audio data. The format for the input voice data is as follows: 8 bytes - steamid 1 byte - payload type 2 bytes - payload size 4 bytes - CRC checksu...
Google Chrome 86.0.4240 V8 Remote Code Execution
/ BSD 2-Clause License Copyright (c) 2021, rajvardhan agarwal All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice,...
Burpsuite-Copy-As-XMLHttpRequest - Copy As XMLHttpRequest BurpSuite Extension
The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's XmlHttpRequest, which simplifies PoC development when exploiting XSS. Installation download the latest JAR from releases or build manually add JAR to burpsuite using tabs: "Extender" -...
Hackers exploiting critical vulnerabilities in Fortinet VPN – FBI-CISA
By Deeba Ahmed. According to CISA and the FBI, advanced persistent threat (APT) nation-state actors are exploiting known vulnerabilities in the Fortinet FortiOS. This is a post from HackRead.com. Read the original post: Hackers exploiting critical vulnerabilities in Fortinet VPN - FBI-CISA...
CVE-2021-26935
In WoWonder 3.1, remote attackers can gain access to the database by exploiting a requests.php?f=search-my-followers SQL Injection vulnerability via the eventid parameter...