Django Account Hijacking Vulnerability - Linux

Django is prone to an account hijacking vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django";...

Nord Security: CORS Misconfiguration on nordvpn.com leading to Private Information Disclosure,Account takeover

Summary: An cross-origin resource sharing CORS policy controls whether and how content running on other domains can perform two-way interaction with the domain that publishes the policy. The policy is fine-grained and can apply access controls per-request based on the URL and other features of th...

Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers

UPDATE Security researchers are warning users of two WordPress plugins – made by Brainstorm Force – that they need to patch a “major” vulnerability that could allow hackers to gain administrative access to any website using the plugins. According to Brainstorm Force, it is only aware of one...

Adobe Acrobat and Reader APSB19-55 Multiple Arbitrary Code Execution Vulnerabilities

Description Adobe Acrobat and Reader are prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-service...

‘StrandHogg’ Vulnerability Allows Malware to Pose as Legitimate Android Apps

Researchers have discovered a new Android vulnerability that could allow malware to pose as popular apps and ask for various permissions, potentially allowing hackers to listen in on users, take photos, read and send SMS messages, and basically take over various functions as if they are the...

The cybercrime ecosystem: attacking blogs

Executive summary The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. The articles will also cover technical details and up-to-date research on the threat...

CVE-2019-19036

btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcudereferenceroot-node can be zero...

Trusted Platform Module CVE-2019-16863 Unspecified Security Vulnerability

Description Trusted Platform Module is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Technologies Affected STMicroelectronics Trusted Platform Module Trusted...

UAC-A-Mola - Tool That Allows Security Researchers To Investigate New UAC Bypasses, In Addition To Detecting And Exploiting Known Bypasses

UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. The strong point of uac-a-mola is that it was created so that other...

Ansible CVE-2019-14858 Information Disclosure Vulnerability

Description Ansible is prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. Versions prior to Ansible 2.6.20, 2.7.14, 2.8.6 and 2.9.0rc4 are vulnerable. Technologies Affected...

Code injection

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of...

Microsoft Windows NTLM CVE-2019-1338 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologies Affecte...

Finding a Better Route to Router and Home Network Security

When was the last time you looked at your home router? We tend to only notice these magical boxes when something goes wrong. And given that many of us get our router as part of a single broadband box technically known as a gateway, combining modem and router in one device, there’s even less...

Cell Networks Hacked by (Probable) Nation-State Attackers

A sophisticated attacker has successfuly infiltrated cell providers to collect information on specific users: The hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records -- including times and...

VMware Workstation DLL Hijacking

--------------------------------------------------------- Title: VMware Workstation DLL hijacking DLLIMPORT void SHGetFolderPathW MessageBox0, "s1kr10s", "VMWare-Poc", MBICONINFORMATION; exit0; -------------------------- https://www.vmware.com/security/advisories/VMSA-2019-0007.html...

Insecure Credential Storage

Overview All versions of web3 are vulnerable to Insecure Credential Storage. The package stores encrypted wallets in local storage and requires a password to load the wallet. Once the wallet is loaded, the private key is accessible via LocalStorage. Exploiting this vulnerability likely requires a...

Explained: like-farming

Like-farming, aka like-harvesting, is a method used by commercial parties and scammers alike to raise the popularity of a site or domain. The ultimate dream of every like-farmer is for his post to go viral by accumulating as many likes and shares as possible from all over the world. Like-farmers...

State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally

A newly-discovered state-sponsored campaign is targeting national security organizations across the Middle East and North Africa MENA – and elsewhere – with domain name system DNS hijacking attacks, used to scoop up credentials. The campaign, dubbed “Sea Turtle” by the Cisco Talos researchers who...

Hackers exploiting unpatched Chrome bug to target 500M iPhone users

By Uzair Amir In this attack, eGobbler threat group is exploiting Chrome Sandboxing bug to target iOS devices in the US and EU. Malvertising campaigns, in which malware is distributed through advertisements, have become a common norm nowadays. But, the latest malvertising campaign that’s been...

Hacking microcontroller firmware through a USB

In this article, I want to demonstrate extracting the firmware from a secure USB device running on the Cortex M0. Who hacks video game consoles? The manufacture of counterfeit and unlicensed products is widespread in the world of video game consoles. It's a multi-billion dollar industry in which...