PortSwigger Web Security: burp does not validate the common name of the presented collaborator server certificate

Burp is not validating correctly if the presented certificate in collaborator server. It warns if it is a self signed one, but if it is a legitimate one any valid CA, it appears not to be checking the CN. This is an issue for the polling service, since it allows for the connection to be intercept...

Hacker Can Steal Data from Air-Gapped Computers through Power Lines

Do you think it is possible to extract data from a computer using its power cables? If no, then you should definitely read about this technique. Researchers from Israel's Ben Gurion University of the Negev—who majorly focus on finding clever ways to exfiltrate data from an isolated or air-gapped...

Secret Service Warns of Chip Card Scheme

The U.S. Secret Service is warning financial institutions about a new scam involving the temporary theft of chip-based debit cards issued to large corporations. In this scheme, the fraudsters intercept new debit cards in the mail and replace the chips on the cards with chips from old cards. When...

Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Security researchers at Embedi have disclosed a critical vulnerability in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to execute arbitrary code, take full control over the vulnerable network equipment and intercept traffic. The stack-based...

Audi Travel App has a Bursting Vulnerability

Audi Travel App is a travel service software. Audi Travel APP is vulnerable to a blasting vulnerability. An attacker can log in to any user account and perform unauthorized operations by grabbing packets and bursting them...

Unspecified Vulnerability in TitanHQ WebTitan Gateway

TitanHQ WebTitan Gateway is a scalable web filtering appliance. The appliance is used to filter malware, ransomware botnets, malicious websites and more. A security vulnerability exists in TitanHQ WebTitan Gateway that stems from the program failing to properly validate certificates for the TLS...

CVE-2017-18227

TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature...

Information disclosure

TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature...

CVE-2017-18227

TitanHQ WebTitan Gateway has an incorrect certificate validation in its TLS interception feature, as described by CVE-2017-18227. The vulnerability relates to improper certificate handling within the TLS interception functionality of WebTitan Gateway. Connected documents corroborate the issue, bu...

CVE-2017-18227

TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature...

New FlawedAmmyy RAT steals data and intercepts audio chat

By Waqas The FlawedAmmyy RAT has been developed using the leaked source This is a post from HackRead.com Read the original post: New FlawedAmmyy RAT steals data and intercepts audio chat...

CMS Made Simple 2.1.6 Remote Code Execution

Exploit Title: CMS Made Simple 2.1.6 - Remote Code Execution Date: 2018-02-26 Exploit Author: Keerati T. Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/13570/cmsms-2.1.6-install.zip Version: 2.1.6 CVE: CVE-2018-7448 Tested on: Linux...

Free and Open Source Interactive HTTPS Proxy: mitmproxy

mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols. You can prettify and decode a variety of...

CVE-2016-0351

IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. IBM X-Force ID:...

CVE-2016-0351

IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. IBM X-Force ID:...

Vend VDP: Improper access control on adding a Register to an Outlet

Summary: User without permissions to add a Register to an Outlet can bypass this restriction and add a Register to an Outlet. Description: I do not know which permission exactly controls this action, I tested this against default Cashier role. User with default Cashier role has no permission to a...

chrome:Persistent UXSS via SchemaRegistry(CVE-2016-1676)

Chrome version: 50.0.2661.75 and still present on current HEAD, 52.0.2713.0 The SchemaRegistry stores extension API schemas in a single v8::Context that lives until the RenderThread =process? is destroyed. Due to vulnerabilities in binding.js, these objects can be intercepted by malicious web...

General Motors and Shanghai OnStar iOS Client Man-in-the-Middle Attack Vulnerability

General Motors GM and Shanghai OnStar SOS iOS Client is an iOS-based application for making SOS distress calls for drivers in the event of a motor vehicle collision. A security vulnerability exists in the GM and SOS iOS Client version 7.1. The vulnerability can be exploited by an attacker to...

CVE-2017-12697

A Man-in-the-Middle issue was discovered in General Motors GM and Shanghai OnStar SOS SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server...

Design/Logic Flaw

A Man-in-the-Middle issue was discovered in General Motors GM and Shanghai OnStar SOS SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server...