This New Storage Method Can Put Library-Sized Data In A Teaspoon Of Protein

Trying to come up with new data storage methods that last long enough, researchers at Harvard University seem to have devised a way that could fit library-sized data into a teaspoon of protein. It is suggested that the researchers have come up with a way of storing data in molecules, specifically oligopeptides. Oligopeptides […]

Critical vulnerability in a popular PHP library

An ethical hacker from the International Institute of Cyber Security reports the discovery of a critical security vulnerability in TCPDF, one of the most used PHP libraries to generate PDF files. According to the ethical hacker, the vulnerability could be exploited by malicious users to perform remote code execution on web pages and applications that […]

Popular JavaScript Library Infected By Malicious Code To Steal Cryptocurrency

Malicious code has infected the Event-stream JavaScript library with the intention of stealing cryptocurrency from digital wallets. The popular JavaScript library was created to ease working with Node.js streaming modules, and is available via the npmjs.com repository. The malicious code in the package caught the eye of researchers last week. Today, it has been revealed that […]

Hacker Compromised JavaScript Library to Steal Bitcoin funds

The Node.js module called Event-stream is used in millions of web applications, including BitPay’s open-source bitcoin wallet, Copay. This module was reportedly compromised thanks to the laziness and incompetence of the engineer. A hacker gained access to a popular JavaScript library and injected malicious code that steals Bitcoin and Bitcoin Cash funds stored in BitPay’s Copay wallet apps. The researcher identified this malicious […]

Apache Struts developers beg users to update library

The team behind Apache Struts has strongly requested users to install the necessary updates to mitigate the risks generated by an old bug. The Apache Software Foundation has recently released a security alert in which it reiterates its recommendation to Apache Struts users to ensure that their installations run a newer version of the Commons FileUpload library than 1.3.2, […]

LIVE555 Streaming library affected by remote code execution vulnerability

This library is used by popular media players, along with a series of integrated devices with streaming capabilities. Cybersecurity and digital forensics researchers report the finding of a critical remote code execution vulnerability in the LIVE555 streaming library; the flaw has been identified with the key CVE-2018-4013. Maintained by the Live Networks company, the library works […]

Critical Code Execution Flaw Found in LIVE555 Streaming Library

Security researchers have discovered a serious code execution vulnerability in the LIVE555 streaming media library—which is being used by popular media players, along with a number of embedded devices capable of streaming media. LIVE555 streaming media, developed and maintained by Live Networks, is a set of C++ libraries companies and application developers use to stream […]

LIVE555 media streaming library hit by remote code execution flaw

This article has been updated with a statement from Live Networks, Inc explaining that the flaw only affected their implementation of RTSP server, which VLC and MPlayer do not use. The IT security researcher at Cisco Talos Intelligence Group has discovered a critical remote code execution vulnerability CVE-2018-4013 in the LIVE555 media streaming library. Maintained by the […]

SharpSploit – A .NET Post-Exploitation Library Written in C#

SharpSploit is a .NET post-exploitation library written in C# that aims to highlight the attack surface of .NET and make the use of offensive .NET easier for red teamers. It is named, in part, as a homage to the PowerSploit project, a personal favorite of mine! While SharpSploit does port over some functionality from PowerSploit, […]

Researchers Found Backdoor in Python Library That Steal SSH Credentials

Recently we saw an attempt to hide a back door in a code library, and today there is a new case. This time, information security experts found the backdoor in a Python module. In the SSH Decorator module (ssh-decorate), created by the Israeli developer Uri Goren, which is a library for handling SSH connections from the Python […]

PortEx – Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features: reading header information from the MSDOS Header, COFF File Header, Optional Header and Section Table; reading standard section formats: Import Section, […]

jQuery hacked: Site was hit, but not the library

The official blog of jQuery—most popular JavaScript library used by millions of websites—has been hacked by some unknown hackers, using the pseudonym “str0ng” and “n3tr1x.” jQuery’s blog website (blog.jquery.com) runs on WordPress—the world’s most popular content management system (CMS) used by millions of websites. While there is no evidence yet if the server (code.jquery.com) that […]

SSLyze – Fast and powerful SSL/TLS server scanning library

Fast and powerful SSL/TLS server scanning library for Python 2.7 and 3.3+. Description: SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers. […]

Coding Library Vulnerability May Trickle Down to Thousands of IoT Devices

A vulnerability codenamed Devil’s Ivy is putting thousands of Internet-connected devices at risk of hacking. Discovered by security researchers from Senrio, the flaw affects gSOAP, a C/C++ library widely used in the development of firmware for embedded devices. gSOAP is a dual-licensed (free and commercial) product developed by Genivia, which on its website says the library […]

DLL Injection Using LoadLibrary in C

Tutorials on Windows DLL injections in C have noticeable gaps in what they explain. This blog post plus the comments on my implementation should address most questions a newcomer might have. Here’s my code on GitHub. Note that most of my code is directly taken from the Microsoft Developer Network (MSDN). Implementing this was a […]

FAISS: Facebook Just Released A New Open Source Library For Clustering Big Data

Short Bytes: FAISS is an open-source library released by Facebook for similarity search and clustering high-dimensional data. This library finds application in complex datasets like images and videos which could not fit in RAM all at once. With the advent of highly successful Machine Learning methods, there has been a boom in big datasets across […]

Litesploit – Library and Intepreter for Penetration Testing Tools

Litesploit is a library and interpreter for penetration testing tools. This includes exploits, tools and litepreter. Litesploit supports Linux distributions such as Ubuntu and Debian, as well as penetration testing distributions like BackBox and Kali Linux. Platform support: Linux Ubuntu (yes), Linux Debian (yes), Microsoft Windows (no). Installation requirements: PHP 5 or higher, GCC, Zephir […]

Anonymous Hacks National Agriculture Library Domain for OpMonsanto

The online hacktivist group Anonymous breached the subdomain of the National Agriculture Library (NAL) and leaked personal details of staff and other users. The attack was conducted on 28th October 2015 under the banner of operation OpMonsanto, in which NAL, a subdomain of the official website of the U.S. Department of Agriculture, was under attack. Anonymous hackers […]

First library to support anonymous Internet browsing effort stops after DHS e-mail

Since Edward Snowden exposed the extent of online surveillance by the US government, there has been a surge of initiatives to protect users’ privacy. But it hasn’t taken long for one of these efforts—a project to equip local libraries with technology supporting anonymous Internet surfing—to run up against opposition from law enforcement. In July, the Kilton Public […]