Revamped HawkEye Keylogger Swoops in on Coronavirus Fears

There’s a new variant of the HawkEye keylogging malware making the rounds, featuring expanded info-stealing capabilities. Its operators are looking to capture the zeitgeist around the novel coronavirus. It’s being distributed using spam that purports to be an “alert” from the Director-General of...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2019-1825)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-4761

A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

CVE-2012-4760

A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

Privilege escalation

A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

Privilege escalation

A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

CVE-2012-4761

A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

CVE-2012-4761

Summary: CVE-2012-4761 affects Safend Data Protector Agent 3.4.5586.9772. The vulnerability arises from an unquoted Service Binary for SDPAgent/SDBAgent, enabling a local attacker to escalate privileges. What’s vulnerable: the Windows service path containing spaces (SDBAgent.exe/SDPAgent.exe) and...

CVE-2012-4767

An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine...

Code injection

An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine...

CVE-2012-4760

CVE-2012-4760 and CVE-2012-4761 pertain to Safend Data Protector Agent 3.4.5586.9772. The issues involve the SDBAgent/SDPAgent components: (1) WRITE_DAC privileges granted to all local users on the SDBAgent.exe file, enabling a local user to rewrite ACLs and potentially gain full local admin priv...

CVE-2012-4760

A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...

CVE-2012-4767

CVE-2012-4767 concerns Safend Data Protector Agent 3.4.5586.9772, where the securitylayer.log within logs.9972 allegedly exposes a private key, enabling a local attacker to decrypt communications and potentially alter the machine’s security policies. The NVD description states an attacker could d...

CVE-2012-4767

An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine...

Linux/x86 - Execve() Alphanumeric Shellcode (66 bytes)

Title: Linux/x86 - Execve Alphanumeric Shellcode 66 bytes Shellcode Author: bolonobolo Tested on: Linux x86 execve.asm global start section .text start: ; int 0x80 ------------ push 0x30 pop eax xor al, 0x30 push eax pop edx dec eax xor ax, 0x4f73 xor ax, 0x3041 push eax push edx pop eax...

Inspecting TLS Web Traffic - Part 2

In the first blog post I covered why HTTPS web traffic has grown to unprecedented levels, provided a TLS primer and looked at the basic concept of intercepting and inspecting HTTPS web traffic with Man-In-The-Middle techniques MITM. In the second part, I will dive a bit deeper into how the TLS MI...

CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...

CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...

The Benefits of a Single Provider DNS Platform

I've written in previous blogs about the value of using DNS as a security control point and how using a DNS based security solution like Akamai's Enterprise Threat Protector can help accelerate your transition to a Zero Trust security approach. In this blog, I'm going to cover how in addition to...

Akamai and Microsoft: Delivering a Better Zero Trust Access Model for the Hybrid Enterprise Together

The best partnerships evolve over time and are forged with a common goal. Microsoft and Akamai have partnered for years with the common goal of delivering integrated solutions that address real customer problems. A great example is optimizing global end-user performance for cloud workloads with...