Article: Finding and Exploiting Same Origin Method Execution vulnerabilities - published almost 9 years ago. Content: Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick a user to v... https://penturalabs.wordpress.com/2015/12/30/finding-and-exploiting-same-origin-method-execution-vulnerabilities/ Published: 2015 12 30 23:37:46 Received: 2023 12 16 16:00:53 Feed: Pentura Labs's Blog Source: Pentura Labs's Blog Category: Cyber Security Topic: Cyber Security |
Article: FLARE Script Series: Automating Obfuscated String Decoding - published almost 9 years ago. Content: Introduction We are expanding our script series beyond IDA Pro. This post extends the FireEye Labs Advanced Reverse Engineering (FLARE) script series to an invaluable tool for the reverse engineer – the debugger. Just like IDA Pro, debuggers have scripting interfaces. For example, OllyDbg uses an asm-like scripting language, the Immunity debugger... https://www.fireeye.com/blog/threat-research/2015/12/flare_script_series.html Published: 2015 12 28 14:01:00 Received: 2022 05 23 16:06:47 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module - published almost 9 years ago. Content: https://blog.malwaremustdie.org/2015/12/mmd-0047-2015-sshv-ssh-bruter-elf.html Published: 2015 12 23 17:52:00 Received: 2021 06 06 09:04:55 Feed: Malware Must Die! Source: Malware Must Die! Category: Cyber Security Topic: Cyber Security |
|
Article: MMD-0046-2015 - Kelihos 10 nodes CNC on NJIIX, New Jersey USA, with a known russian crook who rented them - published almost 9 years ago. Content: https://blog.malwaremustdie.org/2015/12/mmd-0046-2015-kelihos-cnc-activity-on.html Published: 2015 12 21 12:53:00 Received: 2021 06 06 09:04:55 Feed: Malware Must Die! Source: Malware Must Die! Category: Cyber Security Topic: Cyber Security |
|
Article: Secure Application Development And Modern Defenses - published almost 9 years ago. Content: Abstract When it comes to the internet, security has always been an after-thought. A great evidence to support the theory can be seen when we look at the history of the internet. The internet was created by US military back in 1969, branded as "Arpanet" at that time. In 1973, ARPANET created TCP IP protocol suite which later enabled the development of... http://www.rafayhackingarticles.net/2015/12/secure-application-development-Modern-Defenses.html Published: 2015 12 18 19:51:00 Received: 2024 02 17 13:21:46 Feed: Ethical Hacking - Rafayhackingarticles Source: Ethical Hacking - Rafayhackingarticles Category: Cyber Security Topic: Cyber Security |
Article: Six Ways to Automatically Find Software Bugs by Fan Gang [PDF] - published almost 9 years ago. Content: submitted by /u/turnersr [link] [comments] https://www.reddit.com/r/vrd/comments/3wu1py/six_ways_to_automatically_find_software_bugs_by/ Published: 2015 12 14 21:03:42 Received: 2021 06 06 11:29:11 Feed: Vulnerability Research and Development Source: Vulnerability Research and Development Category: Alerts Topic: Vulnerabilities |
|
Article: 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0 - published almost 9 years ago. Content: Revision Note: V1.0 (December 8, 2015): Advisory published.Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used to issue other certificates, impersonate other domains, or sign c... https://technet.microsoft.com/en-us/library/security/3123040 Published: 2015 12 08 18:00:00 Received: 2022 04 14 18:03:36 Feed: Latest Security Advisories Source: Latest Security Advisories Category: Alerts Topic: Vulnerabilities |
|
Article: 3057154 - Update to Harden Use of DES Encryption - Version: 1.1 - published almost 9 years ago. Content: Revision Note: V1.1 (December 8, 2015): Advisory updated to include more information about disabling DES by default in Windows 7 and Windows Server 2008 R2 and later operating systems. The update allows DES to be used between client and server to address scenarios in which DES is still required for application compatibility reasons.Summary: Microsoft is anno... https://technet.microsoft.com/en-us/library/security/3057154 Published: 2015 12 08 18:00:00 Received: 2022 04 14 18:03:36 Feed: Latest Security Advisories Source: Latest Security Advisories Category: Alerts Topic: Vulnerabilities |
Article: Modern Binary Attacks and Defences in the Windows Environment – Fighting Against Microsoft EMET in Seven Rounds by Zoltan L. Nemeth - published almost 9 years ago. Content: submitted by /u/turnersr [link] [comments] https://www.reddit.com/r/vrd/comments/3vgb0n/modern_binary_attacks_and_defences_in_the_windows/ Published: 2015 12 04 19:35:23 Received: 2021 06 06 11:29:11 Feed: Vulnerability Research and Development Source: Vulnerability Research and Development Category: Alerts Topic: Vulnerabilities |
|
Article: MMD-0045-2015 - KDefend: a new ELF threat with a disclaimer - published almost 9 years ago. Content: https://blog.malwaremustdie.org/2015/12/mmd-0045-2015-kdefend-new-elf-threat.html Published: 2015 12 03 21:44:00 Received: 2021 06 06 09:04:55 Feed: Malware Must Die! Source: Malware Must Die! Category: Cyber Security Topic: Cyber Security |
|
Click to Open Code Editor