Lucene search
K

6202 matches found

ThreatPost
ThreatPost
added 2015/02/17 11:1 a.m.34 views

Inside nls_933w.dll, the Equation APT Persistence Module

CANCUN – The names called out like beacons from the screen: Samsung; Seagate; Western Digital; Hitachi; Maxtor. Hardware makers were in the crosshairs of the Equation APT group and it was perhaps the worst possible scenario imagined by researchers looking at the frightening and extensive storehou...

7.2AI score
Exploits0References2
Atlassian
Atlassian
added 2015/02/13 12:27 a.m.40 views

Crucible does not clear all Tokens when Browser is Closed

Problem Closing a browser ends the user session. When the user re-opens the browser and accesses Crucible, there is no login prompt and Crucible treats it like an authenticated user. Any page loads after the initial will result in the user being directed to the login page. Steps to Reproduce Have...

6.8AI score
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2015/02/10 9:0 a.m.239 views

Researchers: PlugX More Prominent Than Ever

Existing in some form since 2008, the popular remote access tool PlugX has as notorious a history as any malware, but according to researchers the tool saw a spike of popularity in 2014 and is the go-to malware for many adversary groups. Many attacks, especially those occurring during the latter...

9.3CVSS7AI score0.99966EPSS
Exploits22References6
Tenable Nessus
Tenable Nessus
added 2015/01/20 12:0 a.m.22 views

IBM WebSphere Service Registry and Repository 8.5 < 8.5.0.1 Multiple Vulnerabilities

The version of IBM WebSphere Service Registry and Repository WSRR is version 8.5 prior to 8.5.0.1. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting XSS vulnerability in the WSRR web UI. CVE-2014-6132 - WSSR web interface issues a cookie that ...

4.3CVSS5.1AI score0.02424EPSS
Exploits0References5
Fedora
Fedora
added 2014/12/15 4:35 a.m.27 views

[SECURITY] Fedora 20 Update: castor-1.3.3-1.fc20

Castor is an open source data binding framework for Java. It's basically the shortest path between Java objects, XML documents and SQL tables. Castor provides Java to XML binding, Java to SQL persistence, and more...

4.3CVSS2.7AI score0.07794EPSS
Exploits3
Vulnerability Lab
Vulnerability Lab
added 2014/10/27 12:0 a.m.28 views

SeasonApps iTransfer 1.1 - Persistent UI Vulnerability

Document Title: =============== SeasonApps iTransfer 1.1 - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1347 Release Date: ============= 2014-10-27 Vulnerability Laboratory ID VL-ID: ==================================== 134...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/10/06 12:0 a.m.19 views

Microsoft Yammer - Bypass & Persistent Vulnerabilities

Document Title: =============== Microsoft Yammer - Bypass & Persistent Vulnerabilities References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1330 View: https://www.youtube.com/watch?v=0w8S3uryeII Advisory: http://www.vulnerability-lab.com/getcontent.php?id=976 Release Date:...

0.1AI score
Exploits0
Fedora
Fedora
added 2014/09/23 4:42 a.m.12 views

[SECURITY] Fedora 21 Update: haproxy-1.5.4-1.fc21

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2014/09/18 10:57 a.m.25 views

Dyre Trojan Targeting More than Salesforce.com Credentials

The criminals who unleashed a variant of the Dyre banking Trojan recently may have more up their sleeve than harvesting Salesforce.com credentials. Analysis of a sample conducted by SaaS security company Adallom determined that the new strain of Dyre is targeting large enterprises in addition to...

0.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/08/29 12:41 p.m.8 views

CryptoWall Ransomware Earns $1.1M, Encrypts 5 Billion Files

CryptoWall is a million-dollar business. The file-encrypting ransomware has netted the criminal gang responsible for its development and dispersal, more than $1.1 million in the six months it’s been in the wild, researchers at Dell SecureWorks’ Counter Threat Unit said in a report this week. The...

1.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2014/08/11 4:58 p.m.9 views

Millions of PCs Affected by Mysterious Computrace Backdoor

UPDATE: A previous version of this story incorrectly stated that Anibal Sacco works for Core Security. Sacco left Core Security last year to start Cubica Labs. LAS VEGAS – Nearly every PC has an anti-theft product called Computrace embedded in its BIOS PCI Optional ROM or its unified extensible...

0.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2014/07/03 1:0 p.m.21 views

Miniduke APT Campaigh Returns with New Targets, Hacking Tools

The Miniduke advanced persistent threat APT campaign uncovered by researchers at Kaspersky Lab and CrySys Lab in February 2013 is back after a year-long hiatus in which attacks abated almost entirely. While the initial Miniduke operations primarily targeted government organizations in Europe, thi...

0.7AI score
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

Alteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty

No description provided by source. source: http://www.securityfocus.com/bid/3964/info Alteon ACEdirector is a hardware solution distributed by Nortel Networks. ACEdirector runs the Nortel WebOS operating system. It is possible to retrieve the real IP addresses of webservers that are managed by an...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - XSS Vulnerabilities

No description provided by source. Title : appRain Quick Start Edition Core Edition Multiple Persistence Cross-Site Scripting Vulnerabilities. Author : Antu Sanadi from SecPod Technologies www.secpod.com Vendor : http://www.apprain.com/ Advisory : http://secpod.org/blog/?p=215...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow

No description provided by source. !/usr/bin/perl Exploit Title: CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow Discovery date: 11-26-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software/Version: CyberLink Power2Go 9 Essential 9.0.1002.0...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.56 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2012:1154-1)

Java-170-openjdk was updated to fix a remote exploit CVE-2012-4681. Also bugfixes were done : - fix build on ARM and i586 - remove files that are no longer used - zero build can be enabled using rpmbuild osc build --with zero - add hotspot 2.1 needed for zero - fix filelist on %ix86 - Security...

10CVSS8.5AI score0.98536EPSS
Exploits10References7
Kitploit
Kitploit
added 2014/05/28 2:4 a.m.91 views

Kali Linux 1.0.7 Released

Kernel 3.14, Tool Updates, Package Improvements Kali linux 1.0.7 has just been released, complete with a whole bunch of tool updates, a new kernel, and some cool new features. Check out our changelog for a full list of these items. As usual, you don’t need to re-download or re-install Kali to...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/01 12:0 a.m.32 views

Google Chrome OS < 33.0.1750.152 Multiple Vulnerabilities

Binary data 8202.prm...

10CVSS9.7AI score0.04822EPSS
Exploits6References9
Tenable Nessus
Tenable Nessus
added 2014/03/17 12:0 a.m.29 views

Google Chrome OS < 33.0.1750.152 Multiple Security Vulnerabilities (deprecated)

Binary data 8161.prm...

10CVSS9.7AI score0.04822EPSS
Exploits6References8
NVD
NVD
added 2014/03/16 2:6 p.m.24 views

CVE-2014-1708

The boot implementation in Google Chrome OS before 33.0.1750.152 does not properly consider file persistence, which allows remote attackers to execute arbitrary code via unspecified vectors...

10CVSS7.4AI score0.02032EPSS
Exploits1References2
Rows per page
Query Builder