TP-Link Routers Vulnerable to Zero-Day Buffer Overflow Attack
Two models of TP-Link’s budget routers are vulnerable to zero-day flaws that allow attackers to take control of both. The routers in question are models TP-Link WR940N and TL-WR941ND, according to IBM Security, which found the bugs and posted a technical analysis on its discoveries on Monday. “In th...
LogicalDOC 8.2 Path Traversal Vulnerability
Impact In order to exploit this vulnerability an attacker needs to be an authenticated read-only user of the role guest. The attacker can read arbitrary files and create arbitrary directories on the server with the permissions of the user running the web server. It is recommended to update...
Analysis and mitigation of L1 Terminal Fault (L1TF)
In January 2018, Microsoft released an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. In this blog post, we will provide a technical analysis of a new speculative execution side channel...
Spartacus ransomware: introduction to a strain of unsophisticated malware
Spartacus ransomware is a new sample that has been circulating in 2018. Written in C, the original sample is obfuscated, which we will go over as we extract it to its readable state. Spartacus is a relatively straight-forward ransomware sample and uses some similar techniques and code to others w...
Threat Analysis: ROKRAT Malware
ROKRAT also referred to as DOGcall is a family of malware that has been used by attackers originating from North Korea. The family continues to evolve and adopt techniques from other families also used by the same attack group. The ROKRAT core payload is typically deployed by a loader, which has...
We’re moving to Microsoft Secure
We’re packing up and moving! Starting January 2018, we’ll move our blogs to Microsoft Secure. At Microsoft Secure, you will find technical information for Office 365, Microsoft Azure, and Windows, alongside product updates, cybersecurity guidance, industry trends, and more. You can expect the sam...
how2heap vulnerability technical research and analysis summary of-under-vulnerability warning-the black bar safety net
"how2heap" is the shellphish team's open-source heap vulnerability tutorial series on GitHub. I this period of time non-stop in the refresher heap of flaws in the application of common sense,to see these applied skills in the future feel rewarding. This article is my training this tutorial series after ...
Thousands of Security Experts Work Together to Collectively Combat Petya / NotPetya Ransomware Attack
On Tuesday, Carbon Black’s community of security experts began working together with Carbon Black Threat Research to rapidly analyze the new ransomware family that was hitting organizations from Russia to Britain. More than 100 customers and partners communicated IOCs as the attack hit. “I heard...
8 on 1 9: The Shadow-Brokers the leaked file description, technical analysis on-the vulnerability warning-the black bar safety net
! 0x01 exposure data with the equation and NSA relationship From the leaked data packet with the decompressed content to see, specifically for the firewall device attack and penetration action when the use of the tool set. According to the data exposed persons Shadow Brokers described, this packe...
Cisco repair Shadow Brokers announced the vulnerability and released technical analysis-vulnerability warning-the black bar safety net
A, event summary 2 0 1 6 years 8 on 1 5 December, a named“The Shadow Brokers”the shadow broker-hacking group claims to Own the intrusion of the Equation Group equation organization of hacking an organization's computer system, and successfully steal a lot of confidential information and hacker...
Struts2 devMode turned on under the condition remote code execution vulnerability
Details source: ADLab Qimingxing e ADLab researchers found that when Struts2 in devMode mode When set to true, there is a serious remote code execution vulnerability. If the WebService to start a permission is the highest permission, can remotely execute arbitrary commands, including shutdown, to...
QQ browser privacy disclosure report-vulnerability warning-the black bar safety net
0x00 description QQ browser is Tencent development of a web browser, for Android, Windows, Mac and iOS and other platforms. Compared to the built-in browser, QQ browser provides richer functionality, for example, increase the tag window, and integrating the chat platform, etc. In the report a...
ImageMagick vulnerability analysis and protection solution-vulnerability warning-the black bar safety net
The Mail.Ru security team found several vulnerabilities in the ImageMagick software and submitted them to the ImageMagick developers for repair. On April 30, 2016, ImageMagick officially released a new version, 6.9.3-9, to fix remote code execution, but the fix was not complete, after the secon...
OpenSSL technology analysis and treatment recommendations-vulnerability warning-the black bar safety net
On 2016-04-28 (Thu Apr 28 13:20:13 UTC 2016), OpenSSL officially announced that on May 4, 2016 (Thu May 3 12:00 to 15:00 UTC 2016) it would release a new version fixing several high-severity OpenSSL vulnerabilities. The OpenSSL bulletin is at the following address:...
OpenSSH CVE-2016-0777 private key to steal technical analysis-vulnerability warning-the black bar safety net
Remembered used to write a lot of advertising procedures, estimation also not many people see. Then see“days eye APT the Team”and“3 6 0 security suit team”of people for black output only wrote the phrase“people do, day in see”, a bit of sentiment. Quickly put the sb type of ad deleted, cannot be...
Fortinet (FortiGate) suspected the presence of the SSH Backdoor influence 4.0 to 5.0.7 version-bug warning-the black bar safety net
Overview 1 On 1 2 May, Twitter user @esizkur published information that the Fortigate exist ssh back door, the impact of the version from 4.0 to 5.0.7, and in the link given in the attached full attack using the code. According to the disclosure of information display, the attacker can use this...
CVE-2015-7857 Joomla injection exploit tools-vulnerability warning-the black bar safety net
Mentioned some of the techniques, tools may with a certain offensive, only for safety learning and teaching purposes, the prohibition of illegal use! Joomla is a won multiple awards CMS(Content Management System, CMS, which uses PHP+MySQL database development, can run on Linux, Windows, MacOSX,...
Vulnerability tracking: Flash critical Vulnerability (CVE-2015-0311) detailed technical analysis-vulnerability warning-the black bar safety net
Last week's Flash 0day vulnerability you play cool. Known for their natural also want to know its so natural, playing tired, sit down and take a look at this vulnerability causes. Trend Micro recently to the vulnerability detailed analysis, the author translated, the readers. Vulnerability contex...
Equis MetaStock <= 11 Use After Free
No description provided by source. Luigi Auriemma Application: Equis MetaStock http://www.equis.com Versions: = 11 Platforms: Windows Bug: use after free Exploitation: file Date: 06 Sep 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...