14 matches found
Malicious Package
Overview kirkland is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...
Malicious Package
Overview ishowfeet17 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...
Malicious Package
Overview nottuff28 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...
[SECURITY] Fedora 43 Update: python-urllib3-2.6.1-1.fc43
urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: =E2=80=A2 Thread safety. =E2=80=A2 Connection pooling. =E2=80=A2 Client-side SSL/TLS verification. =E2=80=A2 File uploads with multipart encoding...
The vulnerability of the Grafana monitoring and observation platform lies in the improper handling of input during the creation of a web page. This allows a hacker to inject the entered URL address into the system.
The vulnerability of the Grafana monitoring and observation platform lies in the creation of snapshots and the arbitrary selection of the “originalUrl” parameter, thereby modifying the query through web proxies. Exploiting this vulnerability allows a malicious actor to inject the entered URL...
SUSE CVE-2012-0804
Heap-based buffer overflow in the proxyconnect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP response...
CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies
Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. On October 3, 2022, Fortinet released a software update that indicates then-current versions of their FortiOS firewall and FortiProxy web proxy software are vulnerable to CVE-2022-4068...
Fuzzing HTTP Proxies: Privoxy, Part 3
Research Fuzzing HTTP Proxies: Privoxy, Part 3 Share January 4th, 2022 One of my earlier posts outlined how I had discovered six security vulnerabilities in the Privoxy software using the technique of fuzzing to cause the software to crash. This post outlines how I discovered three more...
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
HTML smuggling, a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript features, is increasingly used in email campaigns that deploy banking malware, remote access Trojans RATs, and other payloads related to targeted attacks. Notably, this technique was observe...
HTTP Request Smuggling in Web Proxies
Overview HTTP web proxies and web accelerators that support HTTP/2 for an HTTP/1.1 backend webserver are vulnerable to HTTP Request Smuggling. Description The affected systems allow invalid characters such as carriage return and newline characters in HTTP/2 headers. When an attacker passes these...
Fuzzing HTTP Proxies: Privoxy, Part 1
Research Fuzzing HTTP Proxies: Privoxy, Part 1 Share May 17th, 2021 Here at Opera, we’re always looking for ways to improve the browsing experience of our users with speed and usability. Perhaps more importantly though, we also look for ways to improve users’ privacy and security. While we...
SNIcat - Server Name Indication Concatenator
SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication , a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command &Control Server which controls the agent and...
Adrian Lamo, ‘Homeless Hacker’ Who Turned in Chelsea Manning, Dead at 37
Adrian Lamo, the hacker probably best known for breaking into The New York Times's network and for reporting Chelsea Manning's theft of classified documents to the FBI, was found dead in a Kansas apartment on Wednesday. Lamo was widely reviled and criticized for turning in Manning, but that chapt...
Apple iOS Malicious Code Malicious COOKIE Settings Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability in Apple iOS's handling of proxy link responses allows malicious WEB proxies to set a malicious COOKIE...