223 matches found
Azure File Sync Agent v14 Release – October 2021
This article describes the improvements and issues that are fixed in the Azure File Sync Agent v14 release that is dated October 2021. Additionally, this article contains installation instructions for this release. Improvements and issues that are...
Vulnerability of the fastrpc_internal_invoke function (drivers/misc/fastrpc.c) in the Linux operating system kernel, allowing a hacker to execute any control command
The vulnerability of the fastrpc_internal_invoke function (drivers/misc/fastrpc.c) in the Linux kernel is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to execute arbitrary control commands...
LightMe - HTTP Server Serving Obfuscated Powershell Scripts/Payloads
LightMe is a simple HTTP server that serves PowerShell scripts/payloads after obfuscating them. It runs obfuscation as a service in the background to keep re-obfuscating the payloads, which gives an almost new obfuscated payload on each HTTP request. Main Features: Obfuscate all powershell files within a...
Dolibarr ERP/CRM 10.0.6 Login Brute Forcer
Exploit Title: Dolibarr ERP/CRM 10.0.6 - Login Brute Force | Date: 2020-01-18 | Exploit Author: Creamy Chicken Soup | Vendor Homepage: https://www.dolibarr.org | Software Link: https://sourceforge.net/projects/dolibarr/ | Version: 10.0.6 | Tested on: Windows 10 - 64bit | CVE: CVE-2020-7995 | function...
NamedPipePTH - Pass The Hash To A Named Pipe For Token Impersonation
This project is a PoC code to use Pass-the-Hash for authentication on a local Named Pipe user Impersonation. There also is a blog post for explanation: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the projects Invoke-SMBExec.ps1 and RoguePotato. I faced...
Design/Logic Flaw
While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
CVE-2020-11298
CVE-2020-11298 affects Qualcomm Snapdragon platforms where non-secure clients can change permissions on shared memory buffers used by the HLOS Invoke Call to the secure kernel. The issue is described as local in scope with potential for elevation of privileges, based on the affected Snapdragon Au...
Invoke-Stealth - Simple And Powerful PowerShell Script Obfuscator
Invoke-Stealth is a Simple & Powerful PowerShell Script Obfuscator. This tool helps you to automate the obfuscation process of any script written in PowerShell with different techniques. You can use any of them separately, together or all of them sequentially with ease, from Windows or Linux...
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.
...
UBUNTU-CVE-2021-28375
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308...
PT-2021-1512 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.6. Description: An issue was discovered in the Linux kernel where the fastrpc_internal_invoke function in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages. This coul...
Exploit for Path Traversal in Vmware Cloud_Foundation
VMware vCenter CVE-2021-21972 Re...
Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks
New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or othe...
SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And Each DLL's Metadata, Common Install Directories, Installed Services And Each Service Binary's Metadata, Installed Drivers And Each Driver's Metadata, All For The Presence Of Known Defensive Products Such As AVs, EDRs And Logging Tools
New and improved C# implementation of Invoke-EDRChecker. Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services and each service binary's metadata, installed drivers and each driver's metadata, all for...
SUSE-SU-2021:0085-1 Security update for crmsh
This update for crmsh fixes the following issue: - CVE-2020-35459: Fixed a privilege escalation in hawk_invoke (bsc#1179999)...
PT-2020-6817 · Clusterlabs +1 · Clusterlabs Hawk +1
Name of the Vulnerable Software and Affected Versions: ClusterLabs Hawk versions 2.3.0 through 2.3.0-15. Description: The issue in ClusterLabs Hawk is related to the hawk_invoke binary, which is intended to be used as a setuid program, allowing the hacluster user to invoke certain commands as root...
Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes
Researchers are warning of a recent dramatic uptick in the activity of the Lemon Duck cryptocurrency-mining botnet, which targets victims’ computer resources to mine the Monero virtual currency. Researchers warn that Lemon Duck is “one of the more complex” mining botnets, with...
SAP Marketing Improper Access Control Vulnerability
SAP Marketing is a suite of marketing solutions for SAP. An improper access control vulnerability exists in SAP Marketing Servlet versions 130, 140, and 150. An authenticated attacker could exploit this vulnerability to invoke certain restricted functions and perform tasks related to interactive...
NetWalker Ransomware Rakes in $29M Since March
The NetWalker ransomware has been around for about a year, but it has really made a name for itself in 2020, racking up around $29 million in extortion gains just since March. First detected in August 2019, NetWalker lingered around before surging in use in March through June, according to an...
PrivescCheck
This is an offensive tool for Windows privilege escalation. It is an extended and updated version of PowerUp, aiming to enumerate common Windows security misconfigurations that can be leveraged for privilege escalation and gather various information useful for exploitation and/or post-exploitatio...