ag Digital Whisper Electronic Magazine #93 By packetstormsecurity.com Published On :: Wed, 01 Aug 2018 02:22:22 GMT Digital Whisper Electronic Magazine issue 93. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #94 By packetstormsecurity.com Published On :: Wed, 01 Aug 2018 03:03:33 GMT Digital Whisper Electronic Magazine issue 94. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #95 By packetstormsecurity.com Published On :: Wed, 01 Aug 2018 04:44:44 GMT Digital Whisper Electronic Magazine issue 95. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #96 By packetstormsecurity.com Published On :: Wed, 01 Aug 2018 05:22:22 GMT Digital Whisper Electronic Magazine issue 96. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #97 By packetstormsecurity.com Published On :: Wed, 01 Aug 2018 06:22:22 GMT Digital Whisper Electronic Magazine issue 97. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #98 By packetstormsecurity.com Published On :: Tue, 16 Oct 2018 04:44:44 GMT Digital Whisper Electronic Magazine issue 98. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #99 By packetstormsecurity.com Published On :: Tue, 16 Oct 2018 10:11:11 GMT Digital Whisper Electronic Magazine issue 99. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine 100 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 02:22:22 GMT Digital Whisper Electronic Magazine issue 100. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #101 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 04:44:44 GMT Digital Whisper Electronic Magazine issue 101. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #102 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 05:02:22 GMT Digital Whisper Electronic Magazine issue 102. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #103 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 10:32:22 GMT Digital Whisper Electronic Magazine issue 103. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #105 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 13:02:22 GMT Digital Whisper Electronic Magazine issue 105. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #106 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 14:02:22 GMT Digital Whisper Electronic Magazine issue 106. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #107 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 14:44:44 GMT Digital Whisper Electronic Magazine issue 107. Written in Hebrew. Full Article
ag Digital Whisper Electronic Magazine #104 By packetstormsecurity.com Published On :: Mon, 03 Jun 2019 15:22:22 GMT Digital Whisper Electronic Magazine issue 104. Written in Hebrew. Full Article
ag Linux/x64 Reverse TCP Stager Shellcode By packetstormsecurity.com Published On :: Tue, 17 Dec 2019 13:03:33 GMT 188 bytes small Lnux/x64 reverse TCP stager shellcode. Full Article
ag Sagemcom Fast 3890 Remote Code Execution By packetstormsecurity.com Published On :: Tue, 14 Jan 2020 15:51:01 GMT This exploit uses the Cable Haunt vulnerability to open a shell for the Sagemcom F@ST 3890 (50_10_19-T1) cable modem. The exploit serves a website that sends a malicious websocket request to the cable modem. The request will overflow a return address in the spectrum analyzer of the cable modem and using a rop chain start listening for a tcp connection on port 1337. The server will then send a payload over this tcp connection and the modem will start executing the payload. The payload will listen for commands to be run in the eCos shell on the cable modem and redirect STDOUT to the tcp connection. Full Article
ag NSA Hacking Tools Used Against Nuke, Aerospace Worlds By packetstormsecurity.com Published On :: Mon, 22 Oct 2018 14:35:34 GMT Full Article headline hacker government usa space data loss cyberwar nsa scada
ag Russian Malware Used In An Attempt To Sabotage Saudi Petrol Plant By packetstormsecurity.com Published On :: Wed, 24 Oct 2018 14:14:11 GMT Full Article headline hacker malware russia cyberwar saudi arabia scada
ag Hackers Hit US Health Agency During Coronavirus Crisis By packetstormsecurity.com Published On :: Mon, 16 Mar 2020 13:45:12 GMT Full Article headline hacker government usa virus
ag NagiosXI 5.6 Remote Command Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:30:28 GMT This is a whitepaper tutorial that walks through creating a proof of concept exploit for a remote command execution vulnerability in NagiosXI version 5.6. Full Article
ag NagiosXI 5.6.11 Remote Command Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:36:48 GMT This is a whitepaper tutorial that describes steps taken to identify post-authentication remote command execution vulnerabilities in NagiosXI version 5.6.11. Full Article
ag ManageEngine 14 Remote Code Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:39:26 GMT This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in ManageEngine version 14. Full Article
ag Packet Storm Exploit 2013-0811-1 - Oracle Java storeImageArray() Invalid Array Indexing Code Execution By packetstormsecurity.com Published On :: Mon, 12 Aug 2013 04:11:58 GMT Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program. Full Article
ag Packet Storm Advisory 2013-0811-1 - Oracle Java storeImageArray() By packetstormsecurity.com Published On :: Mon, 12 Aug 2013 04:34:58 GMT Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was obtained through the Packet Storm Bug Bounty program. Full Article
ag Java storeImageArray() Invalid Array Indexing By packetstormsecurity.com Published On :: Fri, 16 Aug 2013 23:52:40 GMT This Metasploit module abuses an Invalid Array Indexing Vulnerability on the static function storeImageArray() function in order to produce a memory corruption and finally escape the Java Sandbox. The vulnerability affects Java version 7u21 and earlier. The module, which doesn't bypass click2play, has been tested successfully on Java 7u21 on Windows and Linux systems. This was created based upon the Packet Storm Bug Bounty release for this issue. Full Article
ag Microsoft Windows .Reg File / Dialog Box Message Spoofing By packetstormsecurity.com Published On :: Mon, 11 Mar 2019 23:02:22 GMT The Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing the wrong selection shown on the dialog box. Furthermore, we can deny the registry editor its ability to show the default secondary status dialog box (Win 10), thereby hiding the fact that our attack was successful. Full Article
ag ManageEngine DataSecurity Plus Path Traversal / Code Execution By packetstormsecurity.com Published On :: Fri, 08 May 2020 19:40:45 GMT ManageEngine DataSecurity Plus versions prior to 6.0.1 and ADAudit Plus versions prior to 6.0.3 suffers from a path traversal vulnerability that can lead to remote code execution. Full Article
ag ManageEngine Asset Explorer Windows Agent Remote Code Execution By packetstormsecurity.com Published On :: Fri, 08 May 2020 19:56:17 GMT The ManageEngine Asset Explorer windows agent suffers form a remote code execution vulnerability. All versions prior to 1.0.29 are affected. Full Article
ag LabVantage 8.3 Information Disclosure By packetstormsecurity.com Published On :: Mon, 17 Feb 2020 17:27:30 GMT LabVantage version 8.3 suffers from an information disclosure vulnerability. Full Article
ag ManageEngine EventLog Analyzer 10.0 Information Disclosure By packetstormsecurity.com Published On :: Mon, 24 Feb 2020 01:32:22 GMT ManageEngine EventLog Analyzer version 10.0 suffers from an information disclosure vulnerability. Full Article
ag Cisco M1070 Content Security Management Appliance IronPort Header Injection By packetstormsecurity.com Published On :: Tue, 03 Sep 2019 16:35:49 GMT Cisco M1070 Content Security Management Appliance IronPort remote host header injection exploit. Full Article
ag Cisco Content Security Management Virtual Appliance M600V IronPort Header Injection By packetstormsecurity.com Published On :: Wed, 04 Sep 2019 14:09:14 GMT Cisco Content Security Management Virtual Appliance M600V IronPort remote host header injection exploit. Full Article
ag Cisco DCNM JBoss 10.4 Credential Leakage By packetstormsecurity.com Published On :: Wed, 08 Jan 2020 16:35:15 GMT Cisco DCNM JBoss version 10.4 suffers from a credential leakage vulnerability. Full Article
ag Cisco Data Center Network Manager 11.2 Remote Code Execution By packetstormsecurity.com Published On :: Thu, 06 Feb 2020 17:45:40 GMT Cisco Data Center Network Manager version 11.2 remote code execution exploit. Full Article
ag Cisco Data Center Network Manager 11.2.1 SQL Injection By packetstormsecurity.com Published On :: Thu, 06 Feb 2020 17:48:08 GMT Cisco Data Center Network Manager version 11.2.1 suffers from a remote SQL injection vulnerability. Full Article
ag Cisco Data Center Network Manager 11.2.1 Command Injection By packetstormsecurity.com Published On :: Thu, 06 Feb 2020 17:51:21 GMT Cisco Data Center Network Manager version 11.2.1 remote command injection exploit. Full Article
ag ImageMagick Memory Leak By packetstormsecurity.com Published On :: Tue, 20 Nov 2018 16:09:00 GMT ImageMagick versions prior to 7.0.8-9 suffers from a memory leak vulnerability. Full Article
ag KVM kvm_inject_page_fault Uninitialized Memory Leak By packetstormsecurity.com Published On :: Sat, 16 Feb 2019 14:53:29 GMT KVM suffers from an uninitialized memory leak vulnerability in kvm_inject_page_fault. Full Article
ag Irix LPD tagprinter Command Execution By packetstormsecurity.com Published On :: Tue, 27 Oct 2009 16:00:56 GMT This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix. Full Article
ag Oracle Warns Of Attacks Against Recently Patched WebLogic Security Bug By packetstormsecurity.com Published On :: Fri, 01 May 2020 13:36:40 GMT Full Article headline hacker flaw patch oracle
ag Android Trojan Has Miner So Aggressive It Can Bork Your Battery By packetstormsecurity.com Published On :: Tue, 19 Dec 2017 14:22:11 GMT Full Article headline malware phone trojan flaw google
ag Trojan Malware Campaign Expands With Attacks Against New Banks By packetstormsecurity.com Published On :: Thu, 23 Aug 2018 15:37:24 GMT Full Article headline malware bank trojan cybercrime fraud
ag Magecart Group Linked To Dridex Banking Trojan, Carbanak By packetstormsecurity.com Published On :: Tue, 22 Oct 2019 17:10:02 GMT Full Article headline hacker malware bank trojan cybercrime fraud
ag U.S. Agencies Get Ready For Election Interference By packetstormsecurity.com Published On :: Tue, 03 Mar 2020 14:01:08 GMT Full Article headline government usa russia fraud cyberwar
ag DarkHotel Hackers Use VPN Zero-Day To Breach Chinese Government Agencies By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 18:18:05 GMT Full Article headline hacker government malware virus china cyberwar
ag Officials Say State-Backed Hackers Taking Advantage Of Outbreak By packetstormsecurity.com Published On :: Thu, 09 Apr 2020 14:33:43 GMT Full Article headline government malware virus cyberwar
ag Naikon APT Hid Five Year Espionage Attack Under Radar By packetstormsecurity.com Published On :: Fri, 08 May 2020 14:22:52 GMT Full Article headline malware china cyberwar govenrment
ag Inside An Instagram Celebrity Hacking Campaign By packetstormsecurity.com Published On :: Mon, 23 Mar 2020 14:27:32 GMT Full Article headline privacy password phish facebook
ag Nagios XI Authenticated Remote Command Execution By packetstormsecurity.com Published On :: Tue, 10 Mar 2020 13:17:29 GMT This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI. Full Article