New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs

The exploit can leak password information and other sensitive material, but the chipmakers are rolling out mitigations...

goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain

When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive material. What this tool does, is enumerate S3 bucket names using common patterns I have identifi...

CVE-2011-3177

The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks...

CVE-2011-3177

The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks...

CVE-2011-3177

Summary: CVE-2011-3177 concerns YaST2 network creating files with world-readable permissions, allowing local users to read sensitive network config data (e.g., wireless passwords). Affected components: YaST2 network handling; YaST2 network configuration files. Root cause (as documented): Files cr...