Lucene search
K

64 matches found

ThreatPost
ThreatPost
added 2019/04/08 10:51 p.m.103 views

TP-Link Routers Vulnerable to Zero-Day Buffer Overflow Attack

Two models of TP-Link’s budget routers are vulnerable to zero-day flaws that allow attackers to take control of both. The routers in question are models TP-Link WR940N and TL-WR941ND, according IBM Security, which found the bugs and posted a technical analysis on its discoveries on Monday. “In th...

Exploits0References6
ripstech
ripstech
added 2019/03/26 11:27 a.m.31 views

LogicalDOC 8.2 Path Traversal Vulnerability

Impact In order to exploit this vulnerability an attacker needs to be an authenticated read-only user of the role guest. The attacker can read arbitrary files and create arbitrary directories on the server with the permissions of the user running the web server. It is recommended to update...

7AI score
Exploits0
MSRC
MSRC
added 2018/08/13 7:0 a.m.48 views

Analysis and mitigation of L1 Terminal Fault (L1TF)

In January 2018, Microsoft released an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. In this blog post, we will provide a technical analysis of a new speculative execution side channel...

5.4CVSS1.7AI score0.08101EPSS
Exploits0
MSRC
MSRC
added 2018/08/13 7:0 a.m.36 views

Analysis and mitigation of L1 Terminal Fault (L1TF)

In January 2018, Microsoft released an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. In this blog post, we will provide a technical analysis of a new speculative execution side channel...

6.4CVSS7AI score0.08101EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/30 5:40 p.m.33 views

Spartacus ransomware: introduction to a strain of unsophisticated malware

Spartacus ransomware is a new sample that has been circulating in 2018. Written in C, the original sample is obfuscated, which we will go over as we extract it to its readable state. Spartacus is a relatively straight-forward ransomware sample and uses some similar techniques and code to others w...

6.9AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/02/27 6:28 p.m.184 views

Threat Analysis: ROKRAT Malware

ROKRAT also referred to as DOGcall is a family of malware that has been used by attackers originating from North Korea. The family continues to evolve and adopt techniques from other families also used by the same attack group. The ROKRAT core payload is typically deployed by a loader, which has...

7.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/12/21 2:40 a.m.8 views

We’re moving to Microsoft Secure

We’re packing up and moving! Starting January 2018, we’ll move our blogs to Microsoft Secure. At Microsoft Secure, you will find technical information for Office 365, Microsoft Azure, and Windows, alongside product updates, cybersecurity guidance, industry trends, and more. You can expect the sam...

6.7AI score
Exploits0
myhack58
myhack58
added 2017/09/11 12:0 a.m.96 views

how2heap vulnerability technical research and analysis summary of-under-vulnerability warning-the black bar safety net

"how2heap"is shellphish team at Github on the open source stack flaws tutorial series. I this period of time non-stop in the refresher heap of flaws in the application of common sense,to see these applied skills in the future feel rewarding. This article is my training this tutorial series after ...

0.6AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/06/30 2:58 p.m.50 views

Thousands of Security Experts Work Together to Collectively Combat Petya / NotPetya Ransomware Attack

On Tuesday, Carbon Black’s community of security experts began working together with Carbon Black Threat Research to rapidly analyze the new ransomware family that was hitting organizations from Russia to Britain. More than 100 customers and partners communicated IOCs as the attack hit. “I heard...

6.7AI score
Exploits0
myhack58
myhack58
added 2016/08/19 12:0 a.m.18 views

8 on 1 9: The Shadow-Brokers the leaked file description, technical analysis on-the vulnerability warning-the black bar safety net

! 0x01 exposure data with the equation and NSA relationship From the leaked data packet with the decompressed content to see, specifically for the firewall device attack and penetration action when the use of the tool set. According to the data exposed persons Shadow Brokers described, this packe...

0.3AI score
Exploits0
myhack58
myhack58
added 2016/08/18 12:0 a.m.36 views

Cisco repair Shadow Brokers announced the vulnerability and released technical analysis-vulnerability warning-the black bar safety net

A, event summary 2 0 1 6 years 8 on 1 5 December, a named“The Shadow Brokers”the shadow broker-hacking group claims to Own the intrusion of the Equation Group equation organization of hacking an organization's computer system, and successfully steal a lot of confidential information and hacker...

1.7AI score
Exploits0
seebug.org
seebug.org
added 2016/07/12 12:0 a.m.44 views

Struts2 devMode turned on under the condition remote code execution vulnerability

Details source: ADLab Qimingxing e ADLab researchers found that when Struts2 in devMode mode When set to true, there is a serious remote code execution vulnerability. If the WebService to start a permission is the highest permission, can remotely execute arbitrary commands, including shutdown, to...

8.4AI score
Exploits0
myhack58
myhack58
added 2016/06/08 12:0 a.m.448 views

QQ browser privacy disclosure report-vulnerability warning-the black bar safety net

0x00 description QQ browser is Tencent development of a web browser, for Android, Windows, Mac and iOS and other platforms. Compared to the built-in browser, QQ browser provides richer functionality, for example, increase the tag window, and integrating the chat platform, etc. In the report a...

7.8AI score
Exploits0
myhack58
myhack58
added 2016/05/07 12:0 a.m.11 views

ImageMagick vulnerability analysis and protection solution-vulnerability warning-the black bar safety net

Mail. Ru security team found several on the ImageMagick software vulnerabilities and submitted to the ImageMagick developers for repair. ImageMagick official in 2 0 1 6 year 4 month 3 0 day release a new version 6.9.3-9 repair remote code execution, but the repair is not complete, after the secon...

1.4AI score
Exploits0
myhack58
myhack58
added 2016/05/07 12:0 a.m.13 views

OpenSSL technology analysis and treatment recommendations-vulnerability warning-the black bar safety net

2 0 1 6 4 2 8 on Thu Apr 2 8 1 3:2 0:1 3 UTC 2 0 1 6, the OpenSSL official announcement will be in 2 0 1 6 years 5 months 4 days Thu May 3 1 2:00 to 15:0 0 UTC 2 0 1 6 released new version, fix more on the OpenSSL high-level threat vulnerability. OpenSSL Bulletin the following address:...

0.6AI score
Exploits0
myhack58
myhack58
added 2016/01/17 12:0 a.m.20 views

OpenSSH CVE-2 0 1 6-0 7 7 7 private key to steal technical analysis-vulnerability warning-the black bar safety net

Remembered used to write a lot of advertising procedures, estimation also not many people see. Then see“days eye APT the Team”and“3 6 0 security suit team”of people for black output only wrote the phrase“people do, day in see”, a bit of sentiment. Quickly put the sb type of ad deleted, cannot be...

7.4AI score
Exploits0
myhack58
myhack58
added 2016/01/14 12:0 a.m.17 views

Fortinet(FortiGate)suspected the presence of the SSH Backdoor influence 4. 0 to 5.0.7 version-bug warning-the black bar safety net

Overview 1 On 1 2 May, twitter user@esizkur published information that the Fortigate exist ssh back door, the impact of the version from 4. 0 to 5. 0. 7, and in the link given in the attached full attack using the code. According to the disclosure of information display, the attacker can use this...

6.9AI score
Exploits0
myhack58
myhack58
added 2015/10/30 12:0 a.m.17 views

CVE-2 0 1 5-7 8 5 7 Joomla injection exploit tools-vulnerability warning-the black bar safety net

Mentioned some of the techniques, tools may with a certain offensive, only for safety learning and teaching purposes, the prohibition of illegal use! Joomla is a won multiple awards CMS(Content Management System, CMS, which uses PHP+MySQL database development, can run on Linux, Windows, MacOSX,...

7.2AI score
Exploits0
myhack58
myhack58
added 2015/01/31 12:0 a.m.15 views

Vulnerability tracking: Flash critical Vulnerability(CVE-2 0 1 5-0 3 1 1 detailed technical analysis-vulnerability warning-the black bar safety net

Last week's Flash 0day vulnerability you play cool. Known for their natural also want to know its so natural, playing tired, sit down and take a look at this vulnerability causes. Trend Micro recently to the vulnerability detailed analysis, the author translated, the readers. Vulnerability contex...

1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Equis MetaStock <= 11 Use After Free

No description provided by source. Luigi Auriemma Application: Equis MetaStock http://www.equis.com Versions: = 11 Platforms: Windows Bug: use after free Exploitation: file Date: 06 Sep 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix...

7.1AI score
Exploits0
Rows per page
Query Builder