APPLE-SA-2020-09-16-3 Safari 14.0
Posted by Apple Product Security via Fulldisclosure on Sep 18APPLE-SA-2020-09-16-3 Safari 14.0 Safari 14.0 is now available and addresses the...
APPLE-SA-2020-09-16-2 tvOS 14.0
Posted by Apple Product Security via Fulldisclosure on Sep 18APPLE-SA-2020-09-16-2 tvOS 14.0 tvOS 14.0 is now available and addresses the...
APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0
Posted by Apple Product Security via Fulldisclosure on Sep 18APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 iOS 14.0 and iPadOS 14.0...
Charities and the advertising industry: data ecosystems and privacy risks
Data makes the world go round, more often than not via advertising and its tracking mechanisms. Whether you think making...
Siemens USA Announced the Launch of Its Technologically Advanced Cyber Test Range
As the Coronavirus pandemic prompted an expansion in cyberattacks, this called for the need for certain facilities that would explicitly...
Apple Time Flies Event September 2020: Highlights and the meme aftermath
This Time Flies Apple Event was unlike a regular Apple Event, and the difference was noted right from the beginning...
Zin – A Payload Injector For Bugbounties Written In Go
A Payload Injector for bugbounties written in go FeaturesInject multiple payloads into all parameters Inject single payloads into all parameters...
dorkX – Pipe Different Tools With Google Dork Scanner
Pipe different tools with google dork Scanner Installzoid@MSI ~/dorkX> git clone https://github.com/ethicalhackingplayground/dorkX zoid@MSI ~/dorkX> cd dorkX zoid@MSI ~/dorkX> go build...
A step closer to stronger federal IoT security
On Tuesday September 15th, the US House unanimously passed the IoT Cybersecurity Improvement Act . The bill, sponsored by Reps....
Decentralize Remediation Efforts to Gain More Efficiency with InsightVM
Let’s talk about the reality of the remediation process today. We know it is often a cumbersome and time-consuming process,...
American IT-businessman of Russian origin says Durov gave data of Telegram to Kremlin
The founder of Telegram Pavel Durov gave the messenger with the data of all users to the Kremlin because the...
AES Finder – Utility To Find AES Keys In Running Processes
Utility to find AES keys in running process memory. Works for 128, 192 and 256-bit keys. UsageOpen aes-finder.sln solution in...
Croc – Easily And Securely Send Things From One Computer To Another
croc is a tool that allows any two computers to simply and securely transfer files and folders. AFAIK, croc is...
This One Time on a Pen Test: Outwitting the Vexing VPN
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part...
Fintech industry developments, differences between Europe and the US
“Put your money in the bank and you can watch it grow.” If there is a statement that shows us...
The Central Bank of Russia spotted a fraud scheme using the voice menu of one of the banks
The Central Bank of Russia informed banks that fraudsters use the voice menu to get information about the status of...
Android 11 is here: check out the new features and your phone’s compatibility with the new Android
Google has been teasing the Android 11 release for quite some time now and it's finally here. The new...
NZX Underwent Power Outage Caused Due to Multiple Cyberattacks, Trading Halted
New Zealand’s stock market exchange came to an abrupt halt after being hit by cyberattacks multiple times over a week,...
ActiveDirectoryEnumeration – Enumerate AD Through LDAP With A Collection Of Helpfull Scripts Being Bundled
ADE - ActiveDirectoryEnumusage: activeDirectoryEnum dc ___ __ _ ____ _ __ ______ / | _____/ /_(_) _____ / __ (_)_______...
Rbcd-Attack – Kerberos Resource-Based Constrained Delegation Attack From Outside Using Impacket
Abusing Kerberos Resource-Based Constrained DelegationTL;DRThis repo is about a practical attack against Kerberos Resource-Based Constrained Delegation in a Windows Active...
Rapid7 and Snyk Are on the Run(time) with Expanded SCA Capabilities
Earlier this year, Rapid7 and Snyk partnered together with the goal of securing cloud-native apps across the software development lifecycle...
[CVE-2020-16171] Acronis Cyber Backup <= v12.5 Build 16341 Full Unauthenticated SSRF
Posted by Julien Ahrens (RCE Security) on Sep 15RCE Security Advisoryhttps://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Acronis Cyber Backup Vendor...
ModSecurity v3 affected by DoS (CVE-2020-15598)
Posted by Christian Folini on Sep 15ModSecurity v3.0.x is affected by a Denial of Service vulnerability due to the global...
ARA-2020-005: Insecure Direct Object Reference in 1CRM (CVE-2020-15958)
Posted by Andreas Sperber on Sep 15# Security Advisory ARA-2020-005: Insecure Direct Object Reference (CVE-2020-15958) ## Affected Product(s) and Environment(s)...
