Alerts
Vigil@nce - Xen, Linux: memory corruption via Linux Blkback Grant Mapping, analyzed on 16/02/2021
Synthesis of the vulnerability: An attacker, inside a guest system, can trigger a memory corruption via Linux Blkback Grant Mapping of Xen, in order to trigger a denial of service, and possibly to run code on the host system. Impacted products:
Severity of this bulletin: 2/4. Creation date: 16/02/2021.
Cyber Security Today, April 16, 2021 – Russians are coming for these devices, how a games company was hacked and be careful with internet searches
The Russians are coming for these devices, how a games company was hacked and be careful with internet searches. Welcome to Cyber Security Today. It’s Friday April 16th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
IT leaders can have a hard time deciding which hardware and software to patch first.
Exploit Kit still sharpens a sword
2021-04-15. Note: This blog post doesn’t make sense to many. It’s 2021 now. Moreover, the quarter has already passed. I thought Drive-by Download attack was dead four years ago. Angler Exploit Kit has disappeared, pseudo-Darkleech and EITest campaign have disappeared, and RIG Exploit Kit has also declined.
Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?
Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious....
Why Adults Lose the ‘Beginner’s Mind’
I’m Ezra Klein, and this is “The Ezra Klein Show.” It probably won’t surprise you that I’m one of those parents who reads a lot of books about parenting. And they’re mostly bad, particularly the books for dads. So many of those books have this weird, “dude, you’re going to be a dad, bro,” tone. It’s a terrible literature.
Nagios XI Vulnerability Used for Cryptomining: Unit 42 Research
Executive Summary. On March 16, 2021, Unit 42 researchers observed an attacker targeting Nagios XI software to exploit the vulnerability CVE-2021-25296, a remote command injection vulnerability impacting Nagios XI version 5.7.5, to conduct a cryptojacking attack and deploy the XMRig coinminer on victims’ devices.
Vigil@nce - Xen, Linux: assertion error via Linux Mapping Error, analyzed on 16/02/2021
Synthesis of the vulnerability: An attacker, inside a guest system, can force an assertion error via Linux Mapping Error of Xen, in order to trigger a denial of service on the host system. Vulnerable products:
Severity of this weakness: 2/4. Creation date: 16/02/2021.
Indicator Of Attack(IoA’s) And Activities – SOC/SIEM – A Detailed Explanation
What is an Indicator of Attack (IOA)? IoAs are events that could reveal an active attack before indicators of compromise become visible. Using IoAs provides a way to shift from reactive cleanup/recovery to a proactive mode, where attackers are disrupted and blocked before they achieve their goal, such as data theft, ransomware, exploit, etc.
Multiple 1-Click Vulnerabilities in Telegram, VLC, LibreOffice (CVE-2021-30245)
How safe are your applications, and how secure are you while using them? Security researchers reported the abundance of one-click vulnerabilities in multiple popular software apps, allowing threat actors to perform arbitrary code execution attacks. Discovered by Positive Security researchers, the....
Plone CMS 5.2.3 | Cross Site Scripting (XSS)
# Exploit Title: Plone CMS 5.2.3 | Cross Site Scripting (XSS) # Author: Ali Seddigh # Category: Web Application # Software Link: https://plone.com/ # Tested on: [ Windows ~> 10] # Version: 5.2.
Greek Shopping Web Site SQL Injection Vulnerability
# Exploit Title: Greek Shopping Web Site SQL Injection Vulnerability # Author: Emyounoone # Date: 14/04/2021 # Tested On: Kali Linux # Contact: https://twitter.com/Emyounoone # Google Dork: productview.php?id= # Vulnerable Path: http://www.
Tileserver-gl 3.0.0 Cross Site Scripting
# Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS) # Date: 15/04/2021 # Exploit Author: Akash Chathoth # Vendor Homepage: http://tileserver.org/ # Software Link: https://github.com/maptiler/tileserver-gl # Version: versions <3.1.0 # Tested on: 2.6.0 # CVE: 2020-15500 Exploit : http://example.
htmly 2.8.0 Cross Site Scripting
# Exploit Title: htmly 2.8.0 allows stored XSS # Authors: @nu11secur1ty & G.Dzhankushev # Date: 04.15.2021 # Vendor: htmly # Link: https://github.com/danpros/htmly # CVE: CVE-2021-30637 [+] Exploit Source: https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-26929 [Exploit Program Code]....
Dangerous holes in OpENer EtherNet/IP expose industrial systems to DoS
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned of a number of vulnerabilities in the OpENer EtherNet/IP stack that put industrial systems at risk. Using these flaws, a potential attacker can carry out DoS attacks, steal important data and even execute code remotely.
CVE-2021-22539
An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint *.bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recommend upgrading to version 0.4.1 or above.
Attackers Now Target Proxy Log-on Exploit to Install Crypto-Jacker!
Cryptojacking can be added to the list of threats facing any unpatched Exchange servers that remain vulnerable to the now-infamous ProxyLogon exploit, new research has discovered.
Threat actors targeted compromised Exchange servers to host a malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
WhatsApp Flaw Allows Cyber-Stalking via Online Status, Researchers Say
WhatsApp has been found to have a flaw that could allow third parties to stalk users, security researchers say. The issue comes through the online status feature of the instant messaging app that is available by default. A list of Android and iPhone apps as well as some Web services are available....
How I was able to find and exploit the Google Maps API key of a target and you can do it too
Hey, What’s Up Fellow Hackers & pro bug bounty hunters, hope you are doing well and staying safe, hunting heavily and bunking online classes (Everyone Does xD). So today I am going to share an interesting story about one of my interesting findings in a program. I won't disclose this for obvious reasons so let’s assume it as redacted.
Google's Project Zero will wait longer before disclosing security flaws
Google's Project Zero security team will wait an extra 30 days before disclosing vulnerability details so end-users have enough time to patch software, Google has announced. That means developers will still have 90 days to fix regular bugs (with a 14-day grace period if requested), but Google will....