6202 matches found
Inside nls_933w.dll, the Equation APT Persistence Module
CANCUN – The names called out like beacons from the screen: Samsung; Seagate; Western Digital; Hitachi; Maxtor. Hardware makers were in the crosshairs of the Equation APT group and it was perhaps the worst possible scenario imagined by researchers looking at the frightening and extensive storehou...
Crucible does not clear all Tokens when Browser is Closed
Problem Closing a browser ends the user session. When the user re-opens the browser and accesses Crucible, there is no login prompt and Crucible treats it like an authenticated user. Any page loads after the initial will result in the user being directed to the login page. Steps to Reproduce Have...
Researchers: PlugX More Prominent Than Ever
Existing in some form since 2008, the popular remote access tool PlugX has as notorious a history as any malware, but according to researchers the tool saw a spike of popularity in 2014 and is the go-to malware for many adversary groups. Many attacks, especially those occurring during the latter...
IBM WebSphere Service Registry and Repository 8.5 < 8.5.0.1 Multiple Vulnerabilities
The version of IBM WebSphere Service Registry and Repository WSRR is version 8.5 prior to 8.5.0.1. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting XSS vulnerability in the WSRR web UI. CVE-2014-6132 - WSSR web interface issues a cookie that ...
[SECURITY] Fedora 20 Update: castor-1.3.3-1.fc20
Castor is an open source data binding framework for Java. It's basically the shortest path between Java objects, XML documents and SQL tables. Castor provides Java to XML binding, Java to SQL persistence, and more...
SeasonApps iTransfer 1.1 - Persistent UI Vulnerability
Document Title: =============== SeasonApps iTransfer 1.1 - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1347 Release Date: ============= 2014-10-27 Vulnerability Laboratory ID VL-ID: ==================================== 134...
Microsoft Yammer - Bypass & Persistent Vulnerabilities
Document Title: =============== Microsoft Yammer - Bypass & Persistent Vulnerabilities References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1330 View: https://www.youtube.com/watch?v=0w8S3uryeII Advisory: http://www.vulnerability-lab.com/getcontent.php?id=976 Release Date:...
[SECURITY] Fedora 21 Update: haproxy-1.5.4-1.fc21
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...
Dyre Trojan Targeting More than Salesforce.com Credentials
The criminals who unleashed a variant of the Dyre banking Trojan recently may have more up their sleeve than harvesting Salesforce.com credentials. Analysis of a sample conducted by SaaS security company Adallom determined that the new strain of Dyre is targeting large enterprises in addition to...
CryptoWall Ransomware Earns $1.1M, Encrypts 5 Billion Files
CryptoWall is a million-dollar business. The file-encrypting ransomware has netted the criminal gang responsible for its development and dispersal, more than $1.1 million in the six months it’s been in the wild, researchers at Dell SecureWorks’ Counter Threat Unit said in a report this week. The...
Millions of PCs Affected by Mysterious Computrace Backdoor
UPDATE: A previous version of this story incorrectly stated that Anibal Sacco works for Core Security. Sacco left Core Security last year to start Cubica Labs. LAS VEGAS – Nearly every PC has an anti-theft product called Computrace embedded in its BIOS PCI Optional ROM or its unified extensible...
Miniduke APT Campaigh Returns with New Targets, Hacking Tools
The Miniduke advanced persistent threat APT campaign uncovered by researchers at Kaspersky Lab and CrySys Lab in February 2013 is back after a year-long hiatus in which attacks abated almost entirely. While the initial Miniduke operations primarily targeted government organizations in Europe, thi...
Alteon AceDirector Half-Closed HTTP Request IP Address Revealing Vulnerabililty
No description provided by source. source: http://www.securityfocus.com/bid/3964/info Alteon ACEdirector is a hardware solution distributed by Nortel Networks. ACEdirector runs the Nortel WebOS operating system. It is possible to retrieve the real IP addresses of webservers that are managed by an...
appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - XSS Vulnerabilities
No description provided by source. Title : appRain Quick Start Edition Core Edition Multiple Persistence Cross-Site Scripting Vulnerabilities. Author : Antu Sanadi from SecPod Technologies www.secpod.com Vendor : http://www.apprain.com/ Advisory : http://secpod.org/blog/?p=215...
CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow
No description provided by source. !/usr/bin/perl Exploit Title: CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow Discovery date: 11-26-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software/Version: CyberLink Power2Go 9 Essential 9.0.1002.0...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2012:1154-1)
Java-170-openjdk was updated to fix a remote exploit CVE-2012-4681. Also bugfixes were done : - fix build on ARM and i586 - remove files that are no longer used - zero build can be enabled using rpmbuild osc build --with zero - add hotspot 2.1 needed for zero - fix filelist on %ix86 - Security...
Kali Linux 1.0.7 Released
Kernel 3.14, Tool Updates, Package Improvements Kali linux 1.0.7 has just been released, complete with a whole bunch of tool updates, a new kernel, and some cool new features. Check out our changelog for a full list of these items. As usual, you don’t need to re-download or re-install Kali to...
Google Chrome OS < 33.0.1750.152 Multiple Vulnerabilities
Binary data 8202.prm...
Google Chrome OS < 33.0.1750.152 Multiple Security Vulnerabilities (deprecated)
Binary data 8161.prm...
CVE-2014-1708
The boot implementation in Google Chrome OS before 33.0.1750.152 does not properly consider file persistence, which allows remote attackers to execute arbitrary code via unspecified vectors...