20 matches found
EUVD-2022-5787
Malicious code in bioql PyPI...
Metasploit Framework user exposes Metasploit to same deserialization issue that is exploited by that module
By launching the drbremotecodeexec exploit, a Metasploit Framework user will inadvertently expose Metasploit to the same deserialization issue that is exploited by that module, due to the reliance on the vulnerable Distributed Ruby class functions. Since Metasploit Framework typically runs with...
Hack Back Is Still Wack
Every year or two, we see a policy proposal around authorizing private-sector hack back. The latest of these is legislation from two U.S. Senators, Daines and Whitehouse, and it would require the U.S. Department of Homeland Security DHS to “conduct a study on the potential benefits and risks of...
CVE-2020-7385
By launching the drbremotecodeexec exploit, a Metasploit Framework user will inadvertently expose Metasploit to the same deserialization issue that is exploited by that module, due to the reliance on the vulnerable Distributed Ruby class functions. Since Metasploit Framework typically runs with...
Remote Desktop Client remote code execution vulnerability
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka ‘Remote Desktop Client Remote Code Execution Vulnerability’. Recent assessments: busterb at January 15, 2020 2:29am UTC reported: This is a client-side exploit, which...
This Week in Security News: Spam Campaigns and Cryptocurrency Miners
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about advanced targeted attack tools being used to distribute cryptocurrency miners as well as a spam campaign targeting European user...
Bejtlich on the APT1 Report: No Hack Back
Before reading the rest of this post, I suggest reading Mandiant/FireEye's statement Doing Our Part -- Without Hacking Back. I would like to add my own color to this situation. First, at no time when I worked for Mandiant or FireEye, or afterwards, was there ever a notion that we would hack into...
This Week in Security News: ePrivacy and Hack Back
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the Council of the European Union reviewed a bill dubbed the “ePrivacy” Regulation, which targets message-sharing services like WhatsApp and...
Why tech companies wanted Senate Bill 315 vetoed
When Georgia Senate Bill 315 SB-315 was introduced, people in the tech world anxiously awaited its fate, regardless of their geographic location. They knew that some laws initially restricted to single states become more widespread after politicians set precedents. And they knew that this law cou...
Georgia Governor Vetoes Controversial Hack-Back Bill
Recognizing the concerns of tech giants and security researchers alike, Georgia Gov. Nathan Deal has vetoed a controversial “hack-back” bill that would have allowed companies in the state to perform offensive cyber-actions in the face of an attack. “Certain components of the legislation have led ...
Hacktivists, Tech Giants Protest Georgia’s ‘Hack-Back’ Bill
As Georgia Governor Nathan Deal considers whether to sign a controversial piece of legislation that would allow companies to “hack back” with offensive initiatives in the face of a cyberattack, companies from across the tech spectrum are lining up to protest the measure. Also, a hacktivist group...
A week in security (November 6 – November 12)
After coming out victorious in a case against PUPs, Malwarebytes CEO Marcin Kleczynski has this to say: We fought for our users and we won. -- Marcin Kleczynski @mkleczynski November 9, 2017 And my, do we feel like champions! You can read more about this here. Last week, we looked into the...
October 26, 2017 – Morning Cyber Coffee Headlines – “Continental Congress” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 26, 2017 - Headlines Carbon Black in the News: Protecting elections fro...
October 21, 2017 – Morning Cyber Coffee Headlines – “British Parliament” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 21, 2017 - Headlines Carbon Black in the News: Not good: Ransomware is...
A week in security (Jun 05 – Jun 11)
Last week, we interviewed our very own Pieter Arntz to get to know him a little better. We also touched on the importance of HTTPS and focused on a new social engineering scheme that triggers on mouse movement. We also took a deeper look at LatentBot, a Trojan that is being distributed by the RIG...
Free Directory Script 1.1.1 (API_HOME_DIR) RFI Vulnerability
No description provided by source. Directory v1.1.1 APIHOMEDIR RFI Vulnerablity © Ghost Hacker , Real Hack Back : Author : Ghost Hacker Homepage : www.Real-h.com Real Hack Back Contact Me : Ghost-r00tatHotmaildotcom Bug : RFI From : Kingdom Saudi Arabia Name Script : Directory v1.1.1 Download :...
directory-rfi.txt
Directory v1.1.1 APIHOMEDIR RFI Vulnerablity © Ghost Hacker , Real Hack Back : Author : Ghost Hacker Homepage : www.Real-h.com Real Hack Back Contact Me : Ghost-r00tatHotmaildotcom Bug : RFI From : Kingdom Saudi Arabia Name Script : Directory v1.1.1 Download :...
Free Directory Script 1.1.1 (API_HOME_DIR) RFI Vulnerability
Exploit for unknown platform in category web applications ============================================================ Free Directory Script 1.1.1 APIHOMEDIR RFI Vulnerability ============================================================ Directory v1.1.1 APIHOMEDIR RFI Vulnerablity © Ghost Hacker...
Free Directory Script 1.1.1 - API_HOME_DIR Remote File Inclusion
Free Directory Script 1.1.1 - APIHOMEDIR Remote File Inclusion Directory v1.1.1 APIHOMEDIR RFI Vulnerablity © Ghost Hacker , Real Hack Back : Author : Ghost Hacker Homepage : www.Real-h.com Real Hack Back Contact Me : Ghost-r00tatHotmaildotcom Bug : RFI From : Kingdom Saudi Arabia Name Script :...
News Manager Remote SQL Injection Vulnerability
News Manager Remote SQL Injection Vulnerability © Ghost Hacker , Real Hack Back : Author : Ghost Hacker Home page : www.Real-h.com Real Hack Back Contact Me : [email protected] Bug : SQL Injection From : Kingdom Saudi Arabia Name Script : News Manager Download :...