Article: How to secure your home against "Internet of Things" and FUD - published over 8 years ago. Content: TL;DR, most of the security news about IoT is full of FUD. Always put the risks in context - who can exploit this and what can the attacker do with it. Most story only covers the latter.IntroductionThere is rarely a day without news that another "Internet of Things" got hacked. "Smart" safes, "smart" rifles, "smart" cars, "smart" fridges, "smart" TVs, "smart... https://jumpespjump.blogspot.com/2015/08/how-to-secure-your-home-against.html Published: 2015 08 20 11:37:00 Received: 2021 06 06 09:04:53 Feed: Jump ESP, jump! Source: Jump ESP, jump! Category: Cyber Security Topic: Cyber Security |
Article: Potao Express samples - published almost 9 years ago. Content: http://www.welivesecurity.com/2015/07/30/operation-potao-express/ http://www.welivesecurity.com/wp-content/uploads/2015/07/Operation-Potao-Express_final_v2.pdf TL; DR 2011- July 2015 Aka Sapotao and node69 Group - Sandworm / Quedagh APT Vectors - USB, exe as doc, xls Victims - RU, BY, AM, GE Victims - MMM group, UA gov truecryptrussia.ru has be... https://contagiodump.blogspot.com/2015/08/potao-express-samples.html Published: 2015 08 12 12:24:00 Received: 2024 03 13 18:00:19 Feed: contagio Source: contagio Category: Cyber Security Topic: Cyber Security |
|
Article: DEFCON 23 Badge Challenge - published almost 9 years ago. Content: https://potatohatsecurity.tumblr.com/post/126411303994 Published: 2015 08 11 08:21:59 Received: 2021 06 06 09:04:58 Feed: Team PotatoSec Source: Team PotatoSec Category: Cyber Security Topic: Cyber Security |
|
Article: Windows Management Instrumentation (WMI) Offense, Defense, and Forensics - published almost 9 years ago. Content: Windows Management Instrumentation (WMI) is a remote management framework that enables the collection of host information, execution of code, and provides an eventing system that can respond to operating system events in real time. FireEye has recently seen a surge in attacker use of WMI to carry out objectives such as system reconnaissance, remote... https://www.fireeye.com/blog/threat-research/2015/08/windows_managementi.html Published: 2015 08 08 18:45:00 Received: 2022 05 23 16:06:46 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Mythbusters: Is an open (unencrypted) WiFi more dangerous than a WPA2-PSK? Actually, it is not. - published almost 9 years ago. Content: Introduction Whenever security professionals recommend the 5 most important IT security practices to average users, one of the items is usually something like: “Avoid using open Wifi” or “Always use VPN while using open WiFi” or “Avoid sensitive websites (e.g. online banking) while using open WiFI”, etc. What I think about this? It is bullshit. But le... https://jumpespjump.blogspot.com/2015/07/mythbusters-is-open-unencrypted-wifi.html Published: 2015 07 23 13:59:00 Received: 2024 03 12 23:22:33 Feed: Jump ESP, jump! Source: Jump ESP, jump! Category: Cyber Security Topic: Cyber Security |
|
Article: Second Adobe Flash Zero-Day CVE-2015-5122 from HackingTeam Exploited in Strategic Web Compromise Targeting Japanese Victims - published almost 9 years ago. Content: On July 14, FireEye researchers discovered attacks exploiting the Adobe Flash vulnerability CVE-2015-5122, just four days after Adobe released a patch. CVE-2015-5122 was the second Adobe Flash zero-day revealed in the leak of HackingTeam’s internal data. The campaign targeted Japanese organizations by using at least two legitimate Japanese websites... https://www.fireeye.com/blog/threat-research/2015/07/second_adobe_flashz.html Published: 2015 07 19 20:00:00 Received: 2022 05 23 16:06:46 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Building a exploit for CVE-2015-5090 - SYSTEM-level code execution in Adobe Reader - published almost 9 years ago. Content: submitted by /u/RedmondSecGnome [link] [comments]... https://www.reddit.com/r/vrd/comments/3dibtp/building_a_exploit_for_cve20155090_systemlevel/ Published: 2015 07 16 14:36:46 Received: 2021 06 06 11:29:11 Feed: Vulnerability Research and Development Source: Vulnerability Research and Development Category: Alerts Topic: Vulnerabilities |
|
Article: Oracle Critical Patch Update Advisory - July 2015
- published almost 9 years ago. Content: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Published: 2015 07 14 19:30:54 Received: 2021 06 06 09:03:27 Feed: Oracle Security Alerts Source: Oracle Security Alerts Category: Alerts Topic: Vulnerabilities |
|
Article: 3074162 - Vulnerability in Microsoft Malicious Software Removal Tool Could Allow Elevation of Privilege - Version: 1.0 - published almost 9 years ago. Content: Severity Rating: ImportantRevision Note: V1.0 (July 14, 2015): Advisory publishedSummary: Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malicious Software Removal Tool (MSRT) is available that addresses a security vulnerability that was reported to Microsoft. The vulnerability could allow elevation of privi... https://technet.microsoft.com/en-us/library/security/3074162 Published: 2015 07 14 17:00:00 Received: 2022 04 14 18:03:37 Feed: Latest Security Advisories Source: Latest Security Advisories Category: Alerts Topic: Vulnerabilities |
Article: Three New Masque Attacks against iOS: Demolishing, Breaking and Hijacking - published almost 9 years ago. Content: In the recent release of iOS 8.4, Apple fixed several vulnerabilities including vulnerabilities that allow attackers to deploy two new kinds of Masque Attack (CVE-2015-3722/3725, and CVE-2015-3725). We call these exploits Manifest Masque and Extension Masque, which can be used to demolish apps, including system apps (e.g., Apple Watch, Health, Pay ... https://www.fireeye.com/blog/threat-research/2015/06/three_new_masqueatt.html Published: 2015 06 30 14:00:00 Received: 2022 05 23 16:06:47 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: 2962393 - Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse Client - Version: 2.0 - published almost 9 years ago. Content: Revision Note: V2.0 (June 9, 2015): Added the 3062760 update to the Juniper VPN Client Update section.Summary: Microsoft is announcing the availability of an update for the Juniper Networks Windows In-Box Junos Pulse Client for Windows 8.1 and Windows RT 8.1. The update addresses a vulnerability in the Juniper VPN client by updating the affected Juniper VPN ... https://technet.microsoft.com/en-us/library/security/2962393 Published: 2015 06 09 17:00:00 Received: 2022 04 14 18:03:37 Feed: Latest Security Advisories Source: Latest Security Advisories Category: Alerts Topic: Vulnerabilities |
|
Article: List open ports and listening services - published almost 9 years ago. Content: https://www.techrepublic.com/article/list-open-ports-and-listening-services/#ftag=RSS56d97e7 Published: 2015 06 04 17:35:00 Received: 2021 06 06 09:05:21 Feed: IT Security Blog | TechRepublic Source: IT Security Blog | TechRepublic Category: Cyber Security Topic: Cyber Security |
Article: NitlovePOS: Another New POS Malware - published almost 9 years ago. Content: There has been a proliferation of malware specifically designed to extract payment card information from Point-of-Sale (POS) systems over the last two years. In 2015, there have already been a variety of new POS malware identified including a new Alina variant, FighterPOS and Punkey. During our research into a widespread spam campaign, we dis... https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html Published: 2015 05 23 18:05:00 Received: 2022 05 23 16:06:47 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: PHP Security Training Video - published almost 9 years ago. Content: Topics Of the Course !!! what is the threat ? How can you Analyze the threat ? what Types of threats Are out there? How bad is it ? what Threats Are Specific to PHP? what are some resources to find out more ?? what are the Consequences when a website is not protected Against Attack? Financial loss Loss of Service identity Theft website ... http://hacking-share.blogspot.com/2015/05/php-security-training-video.html Published: 2015 05 22 09:45:00 Received: 2024 02 07 05:20:18 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
Article: SQLi Dumper - Advanced SQL Injection\Scanner Tool v7.0 Private Version - published almost 9 years ago. Content: Designed to be automated to find and exploit web security vulnerabilities in mass from worldwide! It is robust, works in the background threads and is super faster. Uses an advanced search engine with 10 different online search services. Last release: 06/23/2014 v.7.0 SQLi Dumper Features: -Suports 20 methods of SQL Injection; -Suports Multi. Onl... http://hacking-share.blogspot.com/2015/05/sqli-dumper-advanced-sql.html Published: 2015 05 20 09:40:00 Received: 2024 02 07 05:20:18 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
Article: Android Browser All Versions - Address Bar Spoofing Vulnerability - CVE-2015-3830 - published almost 9 years ago. Content: Introduction Google security team themselves state that "We recognize that the address bar is the only reliable security indicator in modern browsers" and if the only reliable security indicator could be controlled by an attacker it could carry adverse affects, For instance potentially tricking users into supplying sensitive information to a malicious ... http://www.rafayhackingarticles.net/2015/05/android-browser-address-bar-spoofing-vulnerability.html Published: 2015 05 18 18:14:00 Received: 2024 02 17 13:21:46 Feed: Ethical Hacking - Rafayhackingarticles Source: Ethical Hacking - Rafayhackingarticles Category: Cyber Security Topic: Cyber Security |
Article: Oracle Security Alert for CVE-2015-3456 - 15 May 2015
- published about 9 years ago. Content: http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html Published: 2015 05 15 19:30:54 Received: 2021 06 06 09:03:27 Feed: Oracle Security Alerts Source: Oracle Security Alerts Category: Alerts Topic: Vulnerabilities |
|
Article: Best Wordlist sites - published about 9 years ago. Content: Best sites to Download wordlist... http://cyberwarzone.com/cyberwarfare/pas...word-lists http://hashcrack.blogspot.de/p/wordlist-...ds_29.html http://www.skullsecurity.org/wiki/index.php/Passwords http://packetstormsecurity.org/Crackers/wordlists/ http://www.isdpodcast.com/resources/62k-...-passwords http://g0tmi1k.blogspot.com/2011/06/dict..... http://hacking-share.blogspot.com/2015/05/best-wordlist-sites.html Published: 2015 05 15 08:40:00 Received: 2024 02 07 05:20:19 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
|
Article: An Overview of Exploit Packs (Update 25) May 2015 - published about 9 years ago. Content: Update May 12, 2015 Added CVE-2015-0359 and updates for CVE-2015-0336 Exploit kit table 2014- 2015 (Sortable HTML table) Reference table : Exploit References 2014-2015 Update March 20, 2015 Added CVE-2015-0336 ------------------------ Update February 19, 2015 Added Hanjuan Exploit kit and CVE-2015-3013 for Angler Update... https://contagiodump.blogspot.com/2010/06/overview-of-exploit-packs-update.html Published: 2015 05 12 04:30:00 Received: 2024 03 13 18:00:19 Feed: contagio Source: contagio Category: Cyber Security Topic: Cyber Security |
|
Article: SQL Injection Bypassing handbook - published about 9 years ago. Content: Content writers :-Chapter I::: SQL Injection: What is it? SQL Injection: An In-depth Explanation Why is it possible to pass SQL queries directly to a database that is hidden behind a firewall and any other security mechanism? Is my database at risk to SQL Injection? What is the impact of SQL Injection? Example of a SQLInjection Attack WebApplication... http://hacking-share.blogspot.com/2015/05/sql-injection-bypassing-handbook.html Published: 2015 05 07 04:05:00 Received: 2024 02 07 05:20:19 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
Article: Many ways of malware persistence (that you were always afraid to ask) - published about 9 years ago. Content: TL;DR: Are you into red teaming? Need persistence? This post is not that long, read it ;) Are you into blue teaming? Have to find those pesky backdoors? This post is not that long, read it ;) In the previous post, I listed different ways how a Windows domain/forest can be backdoored. In this new post, I am digging a bit deeper, and list the most common/... https://jumpespjump.blogspot.com/2015/05/many-ways-of-malware-persistence-that.html Published: 2015 05 05 06:32:00 Received: 2024 03 12 23:22:33 Feed: Jump ESP, jump! Source: Jump ESP, jump! Category: Cyber Security Topic: Cyber Security |
Article: Best Deface pages Collection - published about 9 years ago. Content: Don't Have Time for designing A Deface page .. ?? dont worry here you can download Best Deface Pages, Just replace the Name and messgae with your own name and message !! [Click on Download And Copy The Code, Then Use it, for demo you can paste the code on Pastehtml.com How to edit and save it... ?? All html codes are shared on pastebin, copy it and pas... http://hacking-share.blogspot.com/2015/05/best-deface-pages-collection.html Published: 2015 05 04 03:18:00 Received: 2023 04 02 10:42:08 Feed: Hacking Share Source: Hacking Share Category: Cyber Security Topic: Cyber Security |
Article: 3062591 - Local Administrator Password Solution (LAPS) Now Available - Version: 1.0 - published about 9 years ago. Content: Revision Note: V1.0 (May 1, 2015): V1.0 (May 1, 2015): Advisory published.Summary: Microsoft is offering the Local Administrator Password Solution (LAPS) that provides a solution to the issue of using a common local account with an identical password on every computer in a domain. LAPS resolves this issue by setting a different, random password for the commo... https://technet.microsoft.com/en-us/library/security/3062591 Published: 2015 05 01 17:00:00 Received: 2022 04 14 18:03:37 Feed: Latest Security Advisories Source: Latest Security Advisories Category: Alerts Topic: Vulnerabilities |
|
Article: Sucuri WAF XSS Filter Bypass - published about 9 years ago. Content: Introduction Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and prevention. It acts as a reverse proxy which means that all the traffic sent to an application behind Sucuri WAF would be first sent to Sucuri's network which (based upon it's signature database) would check if a particular req... http://www.rafayhackingarticles.net/2015/04/sucuri-waf-xss-filter-bypass.html Published: 2015 04 25 14:10:00 Received: 2024 02 17 13:21:46 Feed: Ethical Hacking - Rafayhackingarticles Source: Ethical Hacking - Rafayhackingarticles Category: Cyber Security Topic: Cyber Security |
Article: Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack - published about 9 years ago. Content: FireEye Labs recently detected a limited APT campaign exploiting zero-day vulnerabilities in Adobe Flash and a brand-new one in Microsoft Windows. Using the Dynamic Threat Intelligence Cloud (DTI), FireEye researchers detected a pattern of attacks beginning on April 13th, 2015. Adobe independently patched the vulnerability (CVE-2015-3043) in ... http://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html Published: 2015 04 18 16:10:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: CSP 2015 Capture The Flag Writeup - published about 9 years ago. Content: On 11th April Giuseppe Trotta and myself organized a CTF (Capture The Flag) competition for Cyber Secure Pakistan (A conference that combines all the stakeholders). The challenge was hosted on hack.me and contained 9 different challenges, some challenges itself contained sub-challenges. Overall, we received great feedback from vast majority of participan... http://www.rafayhackingarticles.net/2015/04/csp-2015-capture-flag-writeup.html Published: 2015 04 18 07:31:00 Received: 2024 02 17 13:21:46 Feed: Ethical Hacking - Rafayhackingarticles Source: Ethical Hacking - Rafayhackingarticles Category: Cyber Security Topic: Cyber Security |
|
Article: Oracle Critical Patch Update Advisory - April 2015
- published about 9 years ago. Content: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html Published: 2015 04 14 19:30:54 Received: 2021 06 06 09:03:27 Feed: Oracle Security Alerts Source: Oracle Security Alerts Category: Alerts Topic: Vulnerabilities |
Article: 3009008 - Vulnerability in SSL 3.0 Could Allow Information Disclosure - Version: 3.0 - published about 9 years ago. Content: Revision Note: V3.0 (April 14, 2015): Revised advisory to announce with the release of security update 3038314 on April 14, 2015 SSL 3.0 is disabled by default in Internet Explorer 11, and to add instructions for how to undo the workarounds.Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulner... https://technet.microsoft.com/en-us/library/security/3009008 Published: 2015 04 14 17:00:00 Received: 2022 04 14 18:03:37 Feed: Latest Security Advisories Source: Latest Security Advisories Category: Alerts Topic: Vulnerabilities |
|
Article: 3045755 - Update to Improve PKU2U Authentication - Version: 1.0 - published about 9 years ago. Content: Revision Note: V1.0 (April 14, 2015): Advisory published.Summary: Microsoft is announcing the availability of a defense-in-depth update that improves the authentication used by the Public Key Cryptography User-to-User (PKU2U) security support provider (SSP) in Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The improvement is part of ongoing efforts... https://technet.microsoft.com/en-us/library/security/3045755 Published: 2015 04 14 17:00:00 Received: 2022 04 14 18:03:37 Feed: Latest Security Advisories Source: Latest Security Advisories Category: Alerts Topic: Vulnerabilities |
|
Click to Open Code Editor