un rdp2tcp Tunneling Tool 0.1 By packetstormsecurity.com Published On :: Mon, 10 Jan 2011 11:11:11 GMT rdp2tcp is a tunneling tool on top of remote desktop protocol (RDP). It uses RDP virtual channel capabilities to multiplex several TCP ports forwarding over an already established rdesktop session. Full Article
un Mandos Encrypted File System Unattended Reboot Utility 1.8.11 By packetstormsecurity.com Published On :: Thu, 09 Apr 2020 15:00:12 GMT The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system. Full Article
un Google Splats 21 Bugs In Chrome 54 Patch Run By packetstormsecurity.com Published On :: Fri, 14 Oct 2016 15:36:02 GMT Full Article headline flaw google patch chrome
un Clickjacking Counter Measures Appear In Chrome By packetstormsecurity.com Published On :: Mon, 19 Aug 2019 15:05:57 GMT Full Article headline fraud google chrome
un Linux 32bit Vulnerability Workaround By packetstormsecurity.com Published On :: Fri, 17 Sep 2010 00:37:12 GMT Information regarding a simple mitigation to disable 32bit binaries in Linux. Full Article
un Launcher Execution Mitigation Patch By packetstormsecurity.com Published On :: Fri, 10 Jan 2020 02:33:33 GMT This patch mitigates allowing launcher the ability to execute arbitrary programs. Full Article
un Russia Successfully Tests Its Unplugged Internet By packetstormsecurity.com Published On :: Tue, 24 Dec 2019 16:08:29 GMT Full Article headline government russia censorship
un With Everyone WFH, VPN Security Has Become Paramount By packetstormsecurity.com Published On :: Wed, 18 Mar 2020 14:38:00 GMT Full Article headline privacy cryptography
un Zoom: Every Security Issue Uncovered In The Video Chat App By packetstormsecurity.com Published On :: Tue, 14 Apr 2020 14:32:56 GMT Full Article headline hacker privacy phone flaw cryptography
un The CIA's Infamous, Unsolved Cryptographic Puzzle Gets A Final Clue By packetstormsecurity.com Published On :: Mon, 03 Feb 2020 15:59:36 GMT Full Article headline government usa spyware cryptography cia
un Samsung Android Remote Code Execution By packetstormsecurity.com Published On :: Fri, 08 May 2020 20:12:41 GMT Samsung Android suffers from multiple interaction-less remote code execution vulnerabilities as well as other remote access issues in the Qmage image codec built into Skia. Full Article
un Western Intelligence Hacked Yandex To Spy On Accounts By packetstormsecurity.com Published On :: Fri, 28 Jun 2019 15:12:22 GMT Full Article headline hacker government usa canada britain russia cyberwar new zealand
un Ubuntu Security Notice USN-4201-1 By packetstormsecurity.com Published On :: Tue, 26 Nov 2019 17:23:06 GMT Ubuntu Security Notice 4201-1 - It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching what can lead to an unauthorized access. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain HTTP headers. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed. Full Article
un Swedish Social Democrats' Twitter Account Hacked By packetstormsecurity.com Published On :: Tue, 16 Apr 2019 22:07:32 GMT Full Article headline hacker government sweden social twitter
un US To Demand Five Years Of Your Social Media, Email Account Info In Your Visa Application By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 14:09:54 GMT Full Article headline government privacy usa facebook social twitter terror
un Jack Dorsey's Twitter Account Got Hacked By packetstormsecurity.com Published On :: Mon, 02 Sep 2019 17:15:14 GMT Full Article headline hacker password twitter
un Hackers Hijack Social Media Accounts For The NFL By packetstormsecurity.com Published On :: Mon, 27 Jan 2020 22:45:17 GMT Full Article headline hacker password twitter
un Hackers Deface Facebook's Official Twitter And Instagram Accounts By packetstormsecurity.com Published On :: Sun, 09 Feb 2020 16:25:27 GMT Full Article headline hacker facebook social twitter
un Twitter Says Olympics, IOC Accounts Hacked By packetstormsecurity.com Published On :: Mon, 17 Feb 2020 16:25:22 GMT Full Article headline hacker twitter
un Secunia Security Advisory 30197 By packetstormsecurity.com Published On :: Mon, 12 May 2008 22:24:40 GMT Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows CE, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Article
un Quest InTrust Annotation Objects Uninitialized Pointer By packetstormsecurity.com Published On :: Fri, 13 Apr 2012 22:12:21 GMT This Metasploit module exploits an uninitialized variable vulnerability in the Annotation Objects ActiveX component. The activeX component loads into memory without opting into ALSR so this module exploits the vulnerability against windows Vista and Windows 7 targets. A large heap spray is required to fulfill the requirement that EAX points to part of the ROP chain in a heap chunk and the calculated call will hit the pivot in a separate heap chunk. This will take some time in the users browser. Full Article
un HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution By packetstormsecurity.com Published On :: Wed, 04 Sep 2013 03:19:31 GMT This Metasploit module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This Metasploit module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary. Full Article
un HP Data Protector Encrypted Communication Remote Command Execution By packetstormsecurity.com Published On :: Tue, 07 Jun 2016 07:51:36 GMT This Metasploit module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executing the payload with Microsoft PowerShell so will only work against Windows Vista or newer. Tested against Data Protector 9.0 installed on Windows Server 2008 R2. Full Article
un Personal Details For Entire Country Of Georgia Leaked Online By packetstormsecurity.com Published On :: Mon, 30 Mar 2020 15:32:42 GMT Full Article headline government privacy data loss
un Account Details For 4 Million Quidd Users Shared On Hacking Forum By packetstormsecurity.com Published On :: Tue, 14 Apr 2020 14:33:05 GMT Full Article headline hacker privacy data loss
un Hacker Leaks 23 Million Accounts From Webkinz Children's Game By packetstormsecurity.com Published On :: Mon, 20 Apr 2020 15:06:35 GMT Full Article headline hacker privacy data loss password
un 160,000 Nintendo Accounts Were Compromised By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 14:32:18 GMT Full Article headline hacker privacy data loss nintendo password
un Turkey Blocks Twitter But Users Find Workarounds By packetstormsecurity.com Published On :: Fri, 21 Mar 2014 15:15:06 GMT Full Article headline government turkey twitter censorship
un GNUnet P2P Framework 0.11.5 By packetstormsecurity.com Published On :: Wed, 26 Jun 2019 16:11:23 GMT GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing. Full Article
un SunOS 5.10 Generic_147148-26 Local Privilege Escalation By packetstormsecurity.com Published On :: Wed, 15 Jan 2020 23:33:33 GMT SunOS version 5.10 Generic_147148-26 local privilege escalation exploit. A buffer overflow in the CheckMonitor() function in the Common Desktop Environment versions 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Full Article
un Unprecedented DNS Hijacking Attacks Linked To Iran By packetstormsecurity.com Published On :: Sat, 12 Jan 2019 16:36:04 GMT Full Article headline dns iran
un GoDaddy Hack Breaches Hosting Account Credentials By packetstormsecurity.com Published On :: Wed, 06 May 2020 14:31:15 GMT Full Article headline hacker privacy dns data loss password
un Ubuntu Security Notice USN-3964-1 By packetstormsecurity.com Published On :: Thu, 02 May 2019 20:51:59 GMT Ubuntu Security Notice 3964-1 - Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. It was discovered that python-gnupg incorrectly handled the GPG passphrase. A remote attacker could send a specially crafted passphrase that would allow them to control the output of encryption and decryption operations. Various other issues were also addressed. Full Article
un Ubuntu Security Notice USN-3991-1 By packetstormsecurity.com Published On :: Tue, 21 May 2019 23:06:42 GMT Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed. Full Article
un Ubuntu Security Notice USN-4054-1 By packetstormsecurity.com Published On :: Fri, 12 Jul 2019 12:22:22 GMT Ubuntu Security Notice 4054-1 - A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass same origin restrictions, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, spoof origin attributes, spoof the addressbar contents, bypass safebrowsing protections, or execute arbitrary code. Various other issues were also addressed. Full Article
un Ubuntu Security Notice USN-4064-1 By packetstormsecurity.com Published On :: Thu, 18 Jul 2019 18:58:22 GMT Ubuntu Security Notice 4064-1 - A sandbox escape was discovered in Thunderbird. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same origin restrictions, conduct cross-site scripting attacks, spoof origin attributes, or execute arbitrary code. Various other issues were also addressed. Full Article
un Ubuntu Security Notice USN-4054-2 By packetstormsecurity.com Published On :: Fri, 26 Jul 2019 11:11:11 GMT Ubuntu Security Notice 4054-2 - USN-4054-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass same origin restrictions, conduct cross-site scripting attacks, conduct cross-site request forgery attacks, spoof origin attributes, spoof the addressbar contents, bypass safebrowsing protections, or execute arbitrary code. It was discovered that Firefox treats all files in a directory as same origin. If a user were tricked in to downloading a specially crafted HTML file, an attacker could potentially exploit this to obtain sensitive information from local files. Various other issues were also addressed. Full Article
un Ubuntu Security Notice USN-4202-2 By packetstormsecurity.com Published On :: Tue, 10 Dec 2019 23:02:29 GMT Ubuntu Security Notice 4202-2 - USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting attacks, or execute arbitrary code. A heap overflow was discovered in the expat library in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Full Article
un Ubuntu Security Notice USN-4299-1 By packetstormsecurity.com Published On :: Thu, 12 Mar 2020 20:12:03 GMT Ubuntu Security Notice 4299-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy protections, or execute arbitrary code. Various other issues were also addressed. Full Article
un Rootkit Hunter 1.4.6 By packetstormsecurity.com Published On :: Mon, 19 Feb 2018 23:44:44 GMT Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD. Full Article
un NTCrackPipe 1.0 Local Windows Account Cracker By packetstormsecurity.com Published On :: Fri, 23 Feb 2018 02:22:22 GMT NTCrackPipe is a basic local Windows account cracking tool. Full Article
un Gadgets Can Be Hacked To Produce Dangerous Sounds By packetstormsecurity.com Published On :: Sun, 11 Aug 2019 18:14:53 GMT Full Article headline flaw cyberwar science conference
un Coronavirus Lockdowns: 24 Hours Of Confusion Around The World By packetstormsecurity.com Published On :: Wed, 18 Mar 2020 14:37:49 GMT Full Article headline government virus science
un OpenBSD 2.8 Announced By packetstormsecurity.com Published On :: Fri, 01 Dec 2000 12:57:57 GMT Full Article bsd
un FreeBSD Bug Gives Untrusted Root Access By packetstormsecurity.com Published On :: Tue, 01 Dec 2009 21:02:11 GMT Full Article bsd
un OpenBSD Forks, Prunes, Fixes OpenSSL By packetstormsecurity.com Published On :: Tue, 22 Apr 2014 15:09:34 GMT Full Article headline flaw bsd ssl cryptography
un Hyperthreading Under Scrutiny With New TLBleed Crypto Key Leak By packetstormsecurity.com Published On :: Tue, 26 Jun 2018 15:49:41 GMT Full Article headline flaw bsd cryptography
un Hacker House Shoved Under UK Parliament's Spotlight By packetstormsecurity.com Published On :: Wed, 25 Sep 2019 16:56:41 GMT Full Article headline government britain fraud
un Arron Banks' Twitter Account Hacked By packetstormsecurity.com Published On :: Tue, 19 Nov 2019 15:01:40 GMT Full Article headline hacker government britain twitter
un UK To Launch Specialist Cyber Force Able To Target Terror By packetstormsecurity.com Published On :: Fri, 28 Feb 2020 07:05:28 GMT Full Article headline hacker government britain cyberwar terror military