Facebook Small Business Grants Spark Identity-Theft Scam

Cybercriminals are exploiting a $100 million Facebook grant program designed for small businesses impacted by the pandemic, to phish personal information and take over Facebook accounts. The perpetrators are trying to dupe people into thinking that the social network is handing out free money to...

gnupg -- AEAD key import overflow

Importing an OpenPGP key having a preference list for AEAD algorithms will lead to an array overflow and thus often to a crash or other undefined behaviour. Importing an arbitrary key can often easily be triggered by an attacker and thus triggering this bug. Exploiting the bug aside from crashes ...

Malicious Package in regenraotr

All versions of regenraotr are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation This...

Iblessing - An iOS Security Exploiting Toolkit, It Mainly Includes Application Information Collection, Static Analysis And Dynamic Analysis

iblessing iblessing is an iOS security exploiting toolkit, it mainly includes application information collection , static analysis and dynamic analysis. iblessing is based on unicorn engine and capstone engine. Features Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract,...

Exploiting Android Messengers with WebRTC: Part 2

Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in WebRTC. This series highlights what can go wrong when applications don't apply WebRTC patches and when the communication and notification of security issues breaks...

Hackers Are Exploiting a 5-Alarm Bug in Networking Equipment

For companies that haven't patched their BIG-IP products, it may already be too late...

Clario: No rate Limit on Licenses Activation

Introduction A little bit about Rate Limit A rate-limiting algorithm is used to check if the user session or IP-address has to be limited based on the information in the session cache. In case a client made too many requests within a given time-frame, HTTP-Servers can respond with status code 429...

Quick Player 1.3 - '.m3l' Buffer Overflow (Unicode & SEH)

Exploit Title: Quick Player 1.3 - '.m3l' Buffer Overflow Unicode & SEH Date: 2020-06-05 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Proof of Concept: 1.- Run the python script "poc.py", it will create a new...

Node.js: Child process environment injection via prototype pollution

Summary: prototype pollution causes polluted system environment for child processes. Description: This can be used to inject arbitrary --require flags to node.js child processes or in the case of current node.js versions it can be used to inject arbitrary JavaScript to child processes. In practic...

CVE-2020-11549

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting...

SATO Printers Default Credentials (HTTP)

Multiple SATO printers are shipped with default credentials for the Copyright C 2020 Simmons Foods, Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic

As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals—with no conscience and empathy—are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers. The n...

Hackers are exploiting a critical, unpatched flaw in Windows

By Deeba Ahmed Microsoft has warned users that hackers are trying to exploit an unpatched vulnerability found in almost all versions of Windows. This is a post from HackRead.com Read the original post: Hackers are exploiting a critical, unpatched flaw in Windows...

Pandora FMS Ping Authenticated Remote Code Execution

This module exploits a vulnerability found in Pandora FMS 7.0NG and lower. nettools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

Hackers are exploiting critical vulnerability in Microsoft Exchange server

By Deeba Ahmed State-sponsored hackers are trying to exploit a vulnerability in Microsoft Exchange email servers, which Microsoft already patched in February. This is a post from HackRead.com Read the original post: Hackers are exploiting critical vulnerability in Microsoft Exchange server...

The vulnerability of the Windows COM Server component of the Windows operating system, which allows a perpetrator to increase their privileges

The vulnerability of the Windows COM Server component of the operating system is related to errors in the processing of COM objects. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

Rapid7 Metasploit Framework Zip Import Directory Traversal

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

CVE-2019-18426

A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message...

CVE-2019-18426

A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message...

Cisco Data Center Network Manager Multiple SQL Injection Vulnerabilities

Description Cisco Data Center Network Manager is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data or...