UAFuzz – Binary-level Directed Fuzzing For Use-After-Free Vulnerabilities
Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to...
Xerror – Fully Automated Pentesting Tool
Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks....
CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This...
Lock and Code S1Ep20: Tracking the charities that track you online with Chris Boyd
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Interview Spotlight: Israeli Hardware Solutions, Sepio Systems
On 19 November, E-Hacking News conducted an interesting interview with Sepio Systems. The company provides its customers with the highest...
ToothPicker – An In-Process, Coverage-Guided Fuzzer For iOS
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS's Bluetooth daemon bluetoothd and to...
Osi.Ig – Information Gathering Instagram
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to...
SEC Consult SA-20201123-0 :: Multiple Vulnerabilities in ZTE WLAN router MF253V
Posted by SEC Consult Vulnerability Lab on Nov 23SEC Consult Vulnerability Lab Security Advisory < 20201123-0 > ======================================================================= title: Multiple...
CA20201116-01: Security Notice for CA Unified Infrastructure Management
Posted by Ken Williams via Fulldisclosure on Nov 23CA20201116-01: Security Notice for CA Unified Infrastructure Management Issued: November 16th, 2020...
Don’t Let These Top Cloud Myths Hamper Your Business Decision-Making
The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain...
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
WhatsApp’s ‘disappearing messages’ now available for Indian users; here’s how you can enable disappearing messages on your WhatsApp
The much popular messaging application earlier announced that they will be rolling out a new 'Disappearing Messages' feature, where sent...
Manchester United Hit By a Cyber Attack on their Systems
Manchester United affirmed the hacking on the club and revealed systems required for the match remained secure.Have been hit by...
Amlsec – Automated Security Risk Identification Using AutomationML-based Engineering Data
This prototype identifies security risk sources (i.e., threats and vulnerabilities) and types of attack consequences based on AutomationML (AML) artifacts....
SIRAS – Security Incident Response Automated Simulations
Security Incident Response Automated Simulations (SIRAS) are internal/controlled actions that provide a structured opportunity to practice the incident response plan...
Fuzzilli – A JavaScript Engine Fuzzer
A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language ("FuzzIL") which can be mutated and translated...
Routopsy – A Toolkit Built To Attack Often Overlooked Networking Protocols
Routopsy is a toolkit built to attack often overlooked networking protocols. Routopsy currently supports attacks against Dynamic Routing Protocols (DRP)...
Websites requiring security software downloads opened door to supply chain attack
The Seoul skyline in South Korea (Flickr – Laurie Nevayhttps://www.flickr.com/photos/laurienevay/, CC BY-SA 2.0 https://creativecommons.org/licenses/by-sa/2.0, via Wikimedia Commons).A newly reported supply...
With Black Friday-Cyber Monday looming, Grelos skimmer tied to Magecart poses threat
A new Grelos skimmer variant tied to Magecart Group could potentially lure online shoppers to fill out phony payment forms...
Black Friday 2020: How to shop safely online
Black Friday 2020 promises to be somewhat different from years gone by thanks to COVID-19. The annual surge of in-store...
Demystifying two common misconceptions with e-commerce security
Online shopping has seen a dramatic increase in the months following the Covid-19 outbreak as more and more people opt-out...
A quick look into malwares that installs ransomware : Remove them form your system immediately
We recently looked into ways phishing mails are evolving, attackers getting creative by the day. But a new trend...
Managed.com Hosting Provider Hit by REvil Ransomware, $500K Ransom Demand
Managed hosting provider Managed.com has temporarily taken down all its servers and web hosting systems offline including clients' websites in...
Ransomware Attack Takes Down Massive Food-Supply Chain Providing Distribution of Temperature-Sensitive COVID-19 Vaccines
A company whose cold-storage capacities are extremely integral to the U.S. food-supply chain and the Coronavirus vaccine distribution affirmed...
