SolarWinds MSP PME Cache Service versions prior to 1.1.15 suffer from insecure file permission and code execution vulnerabilities.

Hacking Windows CE - This paper shows a buffer overflow exploitation example in Windows CE. It covers knowledge about the ARM architecture, memory management and the features of processes and threads of Windows CE. It also shows how to write a shellcode in Windows CE including knowledge about decoding shellcode of Windows CE.

Windows Mobile version 6.5 TR (WinCE 5.2) MessageBox shellcode for ARM.

Microsoft Windows Vista/7 suffers from a DLL hijacking vulnerability in lpksetup.exe.

Microsoft Windows Vista / 7 privilege escalation exploit that has UAC bypass.

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.

Microsoft Windows Vista/Server 2008 nsiproxy.sys local kernel denial of service exploit.

Swaparoo - Windows backdoor method for Windows Vista/7/8. This code sneaks a backdoor command shell in place of Sticky Keys prompt or Utilman assistant at login screen.

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable.

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass. The Microsoft update tried to fix the vulnerability publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. And please keep in mind that some other setups such as using Office 2010 SP1 might be less stable, and sometimes may end up with a crash due to a failure in the CPackage::CreateTempFileName function.

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, bypassing the patch MS14-060, for the vulnerability publicly known as "Sandworm", on systems with Python for Windows installed. Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. Please keep in mind that some other setups such as those using Office 2010 SP1 may be less stable, and may end up with a crash due to a failure in the CPackage::CreateTempFileName function.

Windows Defender Antivirus version 4.18.1908.7-0 suffers from a file extension spoofing vulnerability.

This is a proof of concept exploit that demonstrates the Microsoft Windows CryptoAPI spoofing vulnerability as described in CVE-2020-0601 and disclosed by the NSA.

NTCrackPipe is a basic local Windows account cracking tool.

Delta Industrial Automation DCISoft version 1.12.09 suffers from a stack buffer overflow vulnerability.

WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability.

114 bytes small Linux/x86 bind shell generator shellcode.

Research by fDi Intelligence reveals which countries receive more than their ‘expected share’ of FDI. 

Research by fDi Intelligence reveals which cities received the most tech start-up FDI relative to their population between 2016 and 2018, with European cities coming out on top.

India’s 2020 budget continues the process of opening up to overseas investment.

Announced greenfield projects into China plummeted in early 2020 with the US and Europe taking the lion's share of global foreign investment. 

Bangladesh minister for ICT Zunaid Ahmed Palak talks to Jacopo Dettoni about the government’s ambitious Digital Bangladesh programme designed to reach village level. 

Tesla's decision part of broader trend of investment into Germany at UK's expense.

Despite its thriving automotive sector, Gothenburg is vulnerable to global economic pressures. However, local authorities are confident that their strategies will see the city ride out the uncertainties related to Brexit and the US-China trade wars.

A government bailout for the ailing subsidiary of the telecoms powerhouse has fallen through. 

Ajmal Ahmady, Afghanistan's minister of industries and commerce, outlines government efforts to make the country more conducive to business.

Pedro Calado, vice-president of Madeira’s regional government, tells Sebastian Shehadi about the island's capacity for more upmarket tourism and its ongoing struggle to gain financial independence from Portugal. 

Belarus’s Great Stone Industrial Park is another ambitious Belt and Road Initiative venture, designed to evolve into a smart city and industrial hub. But what are the benefits for Belarus or China? Jacopo Dettoni and Wendy Atkins report.

Project numbers drop almost 40% between 2017 and 2018.