Exploit detection service EdgeSpot says it has spotted several PDF documents that exploit a zero-day vulnerability in Chrome to collect information on users who open the files through Google’s web browser. EdgeSpot claims to have identified several samples in the wild. When one of the PDFs is opened with Chrome, a document […]
exploit
9 posts
Two high-severity flaws in the SHAREit Android app allow an attacker to bypass the file transfer application’s device authentication mechanism – and ultimately download content and arbitrary files from the victim’s device, along with a raft of data such as Facebook tokens and cookies. TL;DR This blog post is about […]
In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available for research and education. For a detailed walkthrough of the vulnerability and the […]
On october 19 2016, the Dirty Cow vulnerability went public (which is kernel privilege escalation vulnerability) . From what I have read and test, the exploit is working only on Centos 7/ RHEL7 / Cloudlinux 7 distros . CVE-2016-5195 Why is it called the Dirty COW bug? “A race condition […]
This is the second “critical” out-of-band patch issued in as many months. It’s all Internet Explorer’s fault — again. Microsoft has released an emergency out-of-band patch for a “critical”-rated security vulnerability, affecting all supported versions of Windows. The software giant said in an advisory Tuesday that users visiting a specially-crafted website […]
For 2 years VW tried to hide the exploits that made its cars hack-able . Now, many might be getting quite paranoid about the recent spate of stories revolving around wireless hacks, nifty devices like ‘Rolljam’ and inherent vulnerabilities in connected vehicles that leave them exposed to enterprising hackers. Well, […]
Internet Explorer is still one of the most used browsers in the world. The fact that it comes pre-installed on both the desktop version of Windows and Windows Phone means that it is probably the default browser for many – and makes it a very lucrative target for hackers. HP […]
In the past thirty days an increase attack activity has been observed using the “njRAT” malware. This remote access trojan (RAT) has capabilities to log keystrokes, access the victim’s camera, steal credentials stored in browsers, open a reverse shell, upload/download files, view the victim’s desktop, perform process, file, and registry […]
Adobe Systems Inc. says its plans to issue a patch on Wednesday to fix a zero-day vulnerability in its Flash Player software that is reportedly being exploited in active attacks. The flaw was disclosed publicly over the weekend after hackers broke into and posted online hundreds of gigabytes of data from […]