CVE-2020-7200

Summary: CVE-2020-7200 affects HPE Systems Insight Manager (SIM) 7.6.x and enables remote code execution via deserialization in the AMF path. The exploit context (from connected docs) describes a deserialization flaw in the AMF endpoint that leads to RCE in the hpsimsvc.exe process, with an attac...

CVE-2020-27034

In createSimSelectNotification of SimSelectNotification.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

SUSE SLED15 / SLES15 Security Update : wpa_supplicant (SUSE-SU-2020:3380-1) (KRACK)

This update for wpasupplicant fixes the following issues : Security issue fixed : CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass bsc1150934. Non-security issues fixed : Enable SAE support jscSLE-14992. Limit P2PDEVICE name to appropriate ifname size. Fix wicked wlan bsc11569...

openSUSE Security Update : wpa_supplicant (openSUSE-2020-2059) (KRACK)

This update for wpasupplicant fixes the following issues : Security issue fixed : - CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass bsc1150934. Non-security issues fixed : - Enable SAE support jscSLE-14992. - Limit P2PDEVICE name to appropriate ifname size. - Fix wicked wlan...

Security update for wpa_supplicant (moderate)

openSUSE Security Update: Security update for wpasupplicant Announcement ID: openSUSE-SU-2020:2053-1 Rating: moderate References: 1131644 1131868 1131870 1131871 1131872 1131874 1133640 1144443 1150934 1156920 1166933 1167331 930077 930078 930079 Cross-References: CVE-2015-4141 CVE-2015-4142...

Convicted SIM Swapper Gets 3 Years in Jail

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison. The defendant is part of an alleged conspiracy involving at least eight others in the United States who stand accus...

Two Charged in SIM Swapping, Vishing Scams

Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account...

Arrested: 4 most active hackers involved in SIM Swap, malware attacks

By Deeba Ahmed These hackers were involved in malware attacks, sim swapping scams, and e-commerce fraud. This is a post from HackRead.com Read the original post: Arrested: 4 most active hackers involved in SIM Swap, malware attacks...

FBI, CISA Echo Warnings on ‘Vishing’ Threat

The Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA on Thursday issued a joint alert to warn about the growing threat from voice phishing or "vishing" attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity publishe...

Why & Where You Should Plant Your Flag

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. This post examines some of the key places where everyone should plant their virtual flags. As KrebsOnSecurit...

Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker

Perhaps fittingly, a Web-streamed court hearing for the 17-year-old alleged mastermind of the July 15 mass hack against Twitter was cut short this morning after mischief makers injected a pornographic video clip into the proceeding. 17-year-old Graham Clark of Tampa, Fla. was among those charged ...

MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle

Posted by Mateusz Jurczyk, Project Zero This post is the fourth of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published ...

Who’s Behind Wednesday’s Epic Twitter Hack?

Twitter was thrown into chaos on Wednesday after accounts for some of the world's most recognizable public figures, executives and celebrities starting tweeting out links to bitcoin scams. Twitter says the attack happened because someone tricked or coerced an employee into providing access to...

Denial-of-service vulnerability in mod_RSsim (CNVD-2020-38498)

modRSsim is a simulation simulation software. A denial of service vulnerability exists in modRSsim, which can be exploited by attackers to cause a denial of service...

CVE-2020-12748

An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can bypass the locked-state protection mechanism and designate a different preferred SIM card. The Samsung ID is SVE-2020-16594 May 2020...

CVE-2020-12748

An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can bypass the locked-state protection mechanism and designate a different preferred SIM card. The Samsung ID is SVE-2020-16594 May 2020...

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can bypass the locked-state protection mechanism and designate a different preferred SIM card. The Samsung ID is SVE-2020-16594 May 2020...

CVE-2020-12748

CVE-2020-12748 affects Samsung mobile devices running Q(10.0); attackers can bypass the locked-state protection to designate a different preferred SIM card. Root cause details are not provided in the documents. Remediation is indicated via Samsung security update SVE-2020-16594; apply the vendor-...

CVE-2020-12748

An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can bypass the locked-state protection mechanism and designate a different preferred SIM card. The Samsung ID is SVE-2020-16594 May 2020...

MPC Sharj 3.11.1 - Arbitrary File Download Exploit

Exploit for php platform in category web applications Exploit title : MPC Sharj 3.11.1 - Arbitrary File Download Exploit Author : SajjadBnd Date : 2020-05-02 Software Link : http://dl.nuller.ir/mpc-sharj-vr3.11.1betawww.nuller.ir.zip Tested on : Ubuntu 19.10 Version : 3.11.1 Beta DESCRIPTION MPC...