Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)

Basics of Cyber Threat Intelligence Cyber Threat Intelligence is analyzed information about the opportunities, capabilities, and intent of cyber adversaries. The goal of cyber threat intelligence is to help people make decisions about how to prevent, detect, and respond to threats against their...

WannaCry: What We Know

On Friday, May 12, news agencies around the world reported that a new ransomware threat was spreading rapidly. Akamai's incident response teams and researchers worked quickly to understand this new threat and how to mitigate it. This blog post is a summary of what Akamai knows at this point...

util-linux: Sending SIGKILL to other processes with root privileges via su

A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...

openSUSE Security Update : irssi (openSUSE-2017-241)

The IRC textmode client irssi was updated to version 1.0.1 to fix bugs and security issues. irssi 1.0.1 : - Fix Perl compilation in object dir - Fix incorrect HELP SERVER example - Correct memory leak in /OP and /VOICE - Fix regression that broke second level completion - Correct missing NULL...

Advanced Desktop Locker Lock Screen Bypass Vulnerability

Advanced Desktop Locker is a desktop protection tool that bypasses screen protection by killing the Advanced Desktop Locker process. Advanced Desktop Locker suffers from a lock screen bypass vulnerability that can be exploited by attackers to bypass the lock screen...

Cumulative Update for Windows 10 Version 1511: January 12, 2016

Cumulative Update for Windows 10 Version 1511: January 12, 2016 Summary This security update for Windows 10 Version 1511 includes improvements in the functionality of Windows 10 Version 1511 and resolves the following vulnerabilities in Windows: 3124605 MS16-008: Security update for Windows kerne...

Cumulative Update for Windows 10: January 12, 2016

Cumulative Update for Windows 10: January 12, 2016 Summary This security update for Windows 10 includes improvements in the functionality of Windows 10 and resolves the following vulnerabilities in Windows: 3124605 MS16-008: Security Update for Windows kernel to address elevation of privilege:...

Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits

Microsoft Security Advisory: Update Rollup for ActiveX Kill Bits Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft website...

kernel: ALSA: Use-after-free in kill_fasync

A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely...

Beware — Someone is dropping Malware-infected USB Sticks into People's Letterbox

Hey! Wait! Wait! Wait! Don't plug in that USB stick into your laptop. It could infect your computer with malware and viruses. Australia's Victoria Police Force has issued a warning regarding unmarked USB flash drives containing harmful malware being dropped inside random people's letterboxes in t...

Oh, It's On Sale! USB Kill to Destroy any Computer within Seconds

Remember Killer USB stick? A proof-of-concept USB prototype that was designed by a Russian researcher, Dark Purple, last year, to effectively destroy sensitive components of a computer when plugged in. Now, someone has actually created the Killer USB stick that destroys almost anything – such as...

Microsoft Process Kill Utility 6.3.9600.17298 Buffer Overflow

Credits: HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-KILL-UTILITY-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ========================================= Microsoft Process Kill Utility...

Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash (PoC)

Microsoft Process Kill Utility kill.exe 6.3.9600.17298 - Crash PoC ''' + Credits: HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-KILL-UTILITY-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product:...

Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash (PoC)

Exploit for windows platform in category dos / poc ''' + Credits: HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-KILL-UTILITY-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product:...

Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash (PoC)

''' + Credits: HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-KILL-UTILITY-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ========================================= Microsoft Process Kill Utility...

Bt2 - Blaze Telegram Backdoor Toolkit

bt2 is a Python-based backdoor in form of a IM bot that uses the infrastructure and the feature-rich bot API provided by Telegram, slightly repurposing its communication platform to act as a C&C. Dependencies Telepot requests Installation $ sudo pip install telepot $ sudo pip install requests PS:...

MariaDB Server 10.0.x < 10.0.22 Multiple DoS Vulnerabilities

Binary data 9284.prm...

Pro-ISIS Hackers release 'Kill List' Of 43 United States Officials

In Brief A group of pro-ISIS hackers calling themselves the United Cyber Caliphate UCC has issued a "Kill List" containing the names of dozens of U.S. government personnel at the Pentagon, Department of Homeland Security, State Department, and several other federal agencies. Meanwhile, the US...

ファントム オブ キル 【無料本格シミュレーションRPG】 - BSD license, Base64 encoded String, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application ファントム オブ キル 【無料本格シミュレーションRPG】 published at the 'play' market has multiple vulnerabilities...

Stickman Kill in Lab - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Stickman Kill in Lab published at the 'play' market has multiple vulnerabilities...