Article: Finding and Exploiting Same Origin Method Execution vulnerabilities - published almost 9 years ago.
Content: Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick a user to v...
Copy Link: https://penturalabs.wordpress.com/2015/12/30/finding-and-exploiting-same-origin-method-execution-vulnerabilities/   
Published: 2015 12 30 23:37:46
Received: 2024 11 09 10:18:55
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Free Score Certificate

Article: FLARE Script Series: Automating Obfuscated String Decoding - published almost 9 years ago.
Content: Introduction We are expanding our script series beyond IDA Pro. This post extends the FireEye Labs Advanced Reverse Engineering (FLARE) script series to an invaluable tool for the reverse engineer – the debugger. Just like IDA Pro, debuggers have scripting interfaces. For example, OllyDbg uses an asm-like scripting language, the Immunity debugger...
Copy Link: https://www.fireeye.com/blog/threat-research/2015/12/flare_script_series.html   
Published: 2015 12 28 14:01:00
Received: 2022 05 23 16:06:47
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Article: MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module - published almost 9 years ago.
Content:
Copy Link: https://blog.malwaremustdie.org/2015/12/mmd-0047-2015-sshv-ssh-bruter-elf.html   
Published: 2015 12 23 17:52:00
Received: 2021 06 06 09:04:55
Feed: Malware Must Die!
Source: Malware Must Die!
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Summary

Article: MMD-0046-2015 - Kelihos 10 nodes CNC on NJIIX, New Jersey USA, with a known russian crook who rented them - published almost 9 years ago.
Content:
Copy Link: https://blog.malwaremustdie.org/2015/12/mmd-0046-2015-kelihos-cnc-activity-on.html   
Published: 2015 12 21 12:53:00
Received: 2021 06 06 09:04:55
Feed: Malware Must Die!
Source: Malware Must Die!
Category: Cyber Security
Topic: Cyber Security

Article: Secure Application Development And Modern Defenses - published almost 9 years ago.
Content: Abstract When it comes to the internet, security has always been an after-thought. A great evidence to support the theory can be seen when we look at the history of the internet. The internet was created by US military back in 1969, branded as "Arpanet" at that time. In 1973, ARPANET created TCP IP protocol suite which later enabled the development of...
Copy Link: http://www.rafayhackingarticles.net/2015/12/secure-application-development-Modern-Defenses.html   
Published: 2015 12 18 19:51:00
Received: 2024 02 17 13:21:46
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Article: Six Ways to Automatically Find Software Bugs by Fan Gang [PDF] - published almost 9 years ago.
Content: submitted by /u/turnersr [link] [comments]
Copy Link: https://www.reddit.com/r/vrd/comments/3wu1py/six_ways_to_automatically_find_software_bugs_by/   
Published: 2015 12 14 21:03:42
Received: 2021 06 06 11:29:11
Feed: Vulnerability Research and Development
Source: Vulnerability Research and Development
Category: Alerts
Topic: Vulnerabilities

Cyber Tzar Gold Score Certificate

Article: 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0 - published almost 9 years ago.
Content: Revision Note: V1.0 (December 8, 2015): Advisory published.Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign c...
Copy Link: https://technet.microsoft.com/en-us/library/security/3123040   
Published: 2015 12 08 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 3057154 - Update to Harden Use of DES Encryption - Version: 1.1 - published almost 9 years ago.
Content: Revision Note: V1.1 (December 8, 2015): Advisory updated to include more information about disabling DES by default in Windows 7 and Windows Server 2008 R2 and later operating systems. The update allows DES to be used between client and server to address scenarios in which DES is still required for application compatibility reasons.Summary: Microsoft is anno...
Copy Link: https://technet.microsoft.com/en-us/library/security/3057154   
Published: 2015 12 08 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: Modern Binary Attacks and Defences in the Windows Environment – Fighting Against Microsoft EMET in Seven Rounds by Zoltan L. Nemeth - published almost 9 years ago.
Content: submitted by /u/turnersr [link] [comments]
Copy Link: https://www.reddit.com/r/vrd/comments/3vgb0n/modern_binary_attacks_and_defences_in_the_windows/   
Published: 2015 12 04 19:35:23
Received: 2021 06 06 11:29:11
Feed: Vulnerability Research and Development
Source: Vulnerability Research and Development
Category: Alerts
Topic: Vulnerabilities

Cyber Tzar Score Analysis

Article: MMD-0045-2015 - KDefend: a new ELF threat with a disclaimer - published almost 9 years ago.
Content:
Copy Link: https://blog.malwaremustdie.org/2015/12/mmd-0045-2015-kdefend-new-elf-threat.html   
Published: 2015 12 03 21:44:00
Received: 2021 06 06 09:04:55
Feed: Malware Must Die!
Source: Malware Must Die!
Category: Cyber Security
Topic: Cyber Security