9 matches found
Friday Squid Blogging: A New Explanation of Squid Camouflage
New research: An associate professor of chemistry and chemical biology at Northeastern University, Deravi’s recently published paper in the Journal of Materials Chemistry C sheds new light on how squid use organs that essentially function as organic solar cells to help power their camouflage...
service.northeastern.edu Cross Site Scripting vulnerability OBB-2871658
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
openairx-labs.northeastern.edu Cross Site Scripting vulnerability OBB-2681562
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
LAVA - Large-scale Automated Vulnerability Addition
Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground truth corpora, i.e., software that has known bugs with triggering inputs. LAVA attempts to solve this problem by automatically injecting bugs into software. Every LAVA bug is accompanied by an input that...
camd.northeastern.edu XSS vulnerability
Open Bug Bounty ID: OBB-353340

Description| Value
---|---
Affected Website:| camd.northeastern.edu
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
Scarlet Mimic Behind Espionage Campaign Against Tibetan, Uyghur Activists
Researchers believe a single group is responsible for a series of attacks over the years to spy on Tibetan and Uyghur activists. For four years the group has used a cornucopia of spearphishing emails, a watering hole attack, and a backdoor Trojan to carry out espionage. Dubbed Scarlet Mimic, the...
GUI Bugs Expose Information Disclosure, Privilege Escalation
Developers are creating countless information disclosure and privilege escalation vulnerabilities by misusing elements of various graphical user interfaces as mechanisms for access control, according to a new research paper from the Northeastern University College of Computer and Information...
New App ReKey Fixes Android Master Key Vulnerability
The Android master key vulnerability disclosed a couple of weeks ago puts nearly all Android phones at risk of attacks that can modify legitimate apps with malicious code that would give the attacker full control of the device. Google has released a patch, but Android users are dependent upon the...
[Full-disclosure] PHP-Calendar SQL Credential Disclosure
Security Risk: Moderate; Exploitable: Remotely; Vulnerability: Information disclosure; Version: Multiple Versions. PHP-Calendar http://www.php-calendar.com was "written for a college social group at Northeastern University to keep track of events, etc. We...