CVE-2020-27150
Summary: In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all...
Summary: Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote...
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress...
Last week on Malwarebytes Labs, we looked at a banking trojan full of nasty tricks, explained some tips and pointers...
This week on Lock and Code, we speak to cybersecurity advocate and author Carey Parker about “dark patterns,” which are...
SpoolPrinter Privesc using SeImpersonatePrivileges was made thanks to @_ForrestOrr https://github.com/forrest-orr/DoubleStar/tree/main/Payloads/Source/Stage3_SpoolPotato I basically just tossed the exploit function in his code and altered...
The National Cyber Security Centre of Ireland (NCSC) believes that the attack on the country's Health Service Executive (HSE) was...
An FBI employee with a top-secret security clearance has been indicted on charges that she illegally stored several national security...
The famous pizza company Domino's suffered a data leak again this year wherein the details of 18 crore orders are...
In 2019, Apple aimed to reassure its customers when it revealed in a blog post that it had fixed a...
According to the Federal Bureau of Investigation, the same group of online extortionists responsible for last week's attack on the...
This script is designed for using AWS and SOCAT as a forwarder to another IP or Server, for Red Team...
Hunting for Malicious Strings. Usage: AMSI calls (xmas tree mode) -d, --debug Show Debug Info -m, --maxsiglength=VALUE Maximum signature Length to cater...
SQLFluff is a dialect-flexible and configurable SQL linter. Designed with ELT applications in mind, SQLFluff also works with jinja templating...
The wormable CVE-2021-31166 vulnerability in the HTTP Protocol Stack of the Windows IIS server also affects WinRM on Windows 10...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
The Alaska health department website was forced offline by a malware attack; officials are investigating the incident. The website of...
QNAP warns customers to update the HBS 3 disaster recovery app to prevent Qlocker ransomware attacks. Taiwanese vendor QNAP is...
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2,...
Summary: An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via...
Summary: An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for...
Summary: Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests. Reference Links (if available): https://blog.prosody.im/prosody-0.11.9-released/ http://www.openwall.com/lists/oss-security/2021/05/13/1...
In April 2021, hackers posted data for sale originating from the online Indian financial platform, Moneycontrol. The data included 763...
Mercari, an e-commerce platform, has disclosed a major data breach that occurred as a result of the Codecov supply-chain attack....
