7691 matches found
Newly Observed Ursnif Variant Employs Malicious TLS Callback Technique to Achieve Process Injection
Introduction TLS Thread Local Storage callbacks are provided by the Windows operating system to support additional initialization and termination for per-thread data structures. As previously reported, malicious TLS callbacks, as an anti-analysis trick, have been observed for quite some time and...
Google Detects Android Spyware That Spies On WhatsApp, Skype Calls
In an attempt to protect Android users from malware and shady apps, Google has been continuously working to detect and remove malicious apps from your devices using its newly launched Google Play Protect service. Google Play Protect—a security feature that uses machine learning and app usage...
How to force HTTPS on the ELM
Many customers have security requirements mandating the use of https. There is no way within the management console of the Enterprise Layer Manager to force https, so Engineering has approved this as the officially supported method to configure the appliance to be https-only...
OSX Meterpreter, Reverse HTTPS Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 815032 include...
Linux Meterpreter, Reverse HTTPS Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1622448 include...
Microsoft Windows Rogue Root Certificate Authorities Detection
One or more dangerous self-signed certificates are present on the host machine. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of November 20, 2017
It’s that time of year again, when many will gather with their families, eat way too much, and catch those crazy Black Friday sales. I’ve been seeing “Black Friday” sales for almost two weeks now. Cyber Monday, which falls on the Monday after the U.S. Thanksgiving holiday, is probably going to be...
Fedora 26 : python-copr (2017-60c61b6e79)
Change default COPR URL route from http://copr.fedoraproject.org to https://copr.fedorainfracloud.org Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...
Python Meterpreter Shell, Reverse HTTPS Inline
Connect back to the attacker and spawn a Meterpreter shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python includ...
Cross-site Request Forgery (CSRF) Bypass
Symfony is vulnerable to cross-site request forgery CSRF attacks. The library uses the same CSRF tokens for HTTP and HTTPS connections, allowing a malicious user to sniff tokens sent through HTTP and use them to conduct CSRF attacks...
SpookFlare - Meterpreter Loader Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures
SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has custom...
CVE-2017-16653: CSRF protection does not use different tokens for HTTP and HTTPS
Affected versions Symfony 2.7.0 to 2.7.37, 2.8.0 to 2.8.30, 3.2.0 to 3.2.13, and 3.3.0 to 3.3.12 versions of the Symfony Security component are affected by this security issue. The issue has been fixed in Symfony 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. Note that no fixes are...
CVE-2017-16653: CSRF protection does not use different tokens for HTTP and HTTPS
More info at https://symfony.com/cve-2017-16653...
CVE-2017-16653: CSRF protection does not use different tokens for HTTP and HTTPS
More info at https://symfony.com/cve-2017-16653...
CVE-2017-16653: CSRF protection does not use different tokens for HTTP and HTTPS
More info at https://symfony.com/cve-2017-16653...
CVE-2017-7835
Mixed content blocking of insecure HTTP sub-resources in a secure HTTPS document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox 57...
CVE-2017-12636
CouchDB administrative users can configure the database server via HTTPS. Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitra...
httpd: mod_ssl NULL pointer dereference
A NULL pointer dereference flaw was found in the httpd's modssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
httpd: mod_ssl NULL pointer dereference
A NULL pointer dereference flaw was found in the httpd's modssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request...