149 matches found
Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams
The AI browser wars are coming to a desktop near you, and you need to start worrying about their security challenges. For the last two decades, whether you used Chrome, Edge, or Firefox, the fundamental paradigm remained the same: a passive window through which a human user viewed and interacted...
EUVD-2004-1191
Malware in sbrugna...
EUVD-2004-1192
Malware in sbrugna...
EUVD-2005-0281
Malware in sbrugna...
EUVD-2005-0282
Malware in sbrugna...
A Decade-Long Landscape of Advanced Persistent Threats: Longitudinal Analysis and Global Trends
An advanced persistent threat APT refers to a covert, long-term cyberattack, typically conducted by state-sponsored actors, targeting critical sectors and often remaining undetected for long periods. In response, collective intelligence from around the globe collaborates to identify and trace...
How the FBI got everything it wanted (re-air) (Lock and Code S06E15)
This week on the Lock and Code podcast… For decades, digital rights activists, technologists, and cybersecurity experts have worried about what would happen if the US government secretly broke into people’s encrypted communications. The weird thing, though, is that, in 2018, it already happened...
How the FBI got everything it wanted (re-air) (Lock and Code S06E15)
This week on the Lock and Code podcast… For decades, digital rights activists, technologists, and cybersecurity experts have worried about what would happen if the US government secretly broke into people’s encrypted communications. The weird thing, though, is that, in 2018, it already happened...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
punnicwars.com Cross Site Scripting vulnerability OBB-3223405
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Regulating DAOs
In August, the US Treasurys Office of Foreign Assets Control OFAC sanctioned the cryptocurrency platform Tornado Cash, a virtual currency "mixer" designed to make it harder to trace cryptocurrency transactions--and a worldwide favorite money-laundering platform. Americans are now forbidden from...
How Explosions Actually Kill
Wars often spark misinformation about the nature of blast trauma. Russia's unprovoked bombardment of Ukraine is no different...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
Privilege escalation
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
CVE-2020-27384
CVE-2020-27384 affects the Guild Wars 2 launcher (Gw2-64.exe) in version 106916. The issue is an elevation of privileges caused by improper permissions: the directory tree for Guild Wars 2 has world-writable access due to the F flag (Full Control) granted to Everyone, allowing an authenticated us...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
Guild Wars 2 安全漏洞
Guild Wars 2 Guild Wars 2 is a role-playing computer client game. A security vulnerability exists in Guild Wars 2 launcher version 106916, which stems from improper privilege control. An authenticated attacker can use this vulnerability to modify an existing executable file with a binary of his...
Why Geek Pride Day is Something to be Proud Of
It’s fair to say that the majority of us who work in cybersecurity are ‘of a certain mindset’. There’s something that comes with the culture and tradition of personal computing, coding, and data that fosters an interest in elements of geek counter culture. Happy to wear our fandoms, obsessions, a...
Hacking Weapons Systems
Lukasz Olejnik has a good essay on hacking weapons systems. Basically, there is no reason to believe that software in weapons systems is any more vulnerability free than any other software. So now the question is whether the software can be accessed over the Internet. Increasingly, it is. This is...