Open redirection or URL redirection vulnerabilities occur when a web application takes user-controllable input and uses it to perform a redirection, directing the user’s browser to visit a different URL than the one requested (the original domain). These security vulnerabilities regularly are of much less interest to an attacker than cross-site scripting, which can be […]
I recently worked on a small toy project to execute untrusted Python code in Docker containers. This lead me to test several online code execution engines to see how they reacted to various attacks. While doing so, I found several interesting vulnerabilities in the code execution engine developed by Qualified, which is quite widely used including by […]
A staggering 8,000 vulnerabilities have been discovered in one of the most widespread medical advancements keeping people alive today: The pacemaker. White Scope, which has reported all of the vulnerabilities to DHS ICS-CERT, examined seven different pacemaker programmers from four different manufacturers, with a focus on programmers that have RF capabilities. Thousands of flaws in […]
Vulnerability defined as the weakness that allows attacker to enter in and harm, it may be a flaw in design or misconfiguration. In order to exploit the vulnerability attacker should have applicable tool or technique that connect to the system weakness. National Vulnerability Database NVD is the U.S. government repository of standards based vulnerability management […]
IBM Informix Dynamic Server and Informix Open Admin Tool contains 6 Critical Vulnerabilities including RCE and a Buffer overflow in HEAP. IBM Informix Dynamic Server for high-volume online Data server for transaction processing (OLTP), integrated applications, and now breathtakingly fast data warehouse/analytical workloads. IDS is well known for its hands-free administration. To make server administration even […]
Burp Suite is a graphical tool for testing Web application security. The tool is composed in Java and created by PortSwigger Security. Burp Scanner is composed by industry-driving penetration testers. Burp Scanner incorporates a full static code investigation engine for the discovery of security vulnerabilities. Burp’s scanning logic is persistently refreshed with upgrades to guarantee […]
Security vulnerabilities in the Hyundai Blue Link mobile apps allowed hackers to steal vehicles, the car maker fixed them. Security vulnerabilities in the Hyundai Blue Link mobile apps could be exploited by hackers to locate, unlock and start vehicles of the carmaker. The Blue Link application is available for both iOS and Android mobile OSs, it was […]
Cyber security experts disclosed the existence of 10 unpatched security flaws in dozens of Linksys routers widely used today. The IOActive senior security consultant Tao Sauvage and the independent security researcher Antide Petit have reported more than a dozen of unpatched security vulnerabilities affecting 25 different Linksys Smart Wi-Fi Routers models. The security duo published […]
Welcome back, in this tutorial you will learn how to scan and fingerprint a web server or device to find vulnerabilities. To achieve this we will be using a tool called Uniscan. This tutorial will require a Linux Operating system we recommend installing Kali Linux if you have not already done so. Requirements:Kali Linux Uniscan […]
Microsoft today patched a zero-day Word vulnerability that has been publicly attacked along with deploying fixes for Internet Explorer, Microsoft Edge and Windows 10. In all, nine Microsoft products received updates totaling 45 unique CVEs. Three of the vulnerabilities among Tuesday’s updates, according to Microsoft, are under active attack. One of the bugs (CVE-2017-0199) […]
Riverbed Technology has patched four serious vulnerabilities in its SteelCentral portal, a centralized application performance monitoring platform. The flaws could allow an attacker to access critical application data and move through the network to other Riverbed agents feeding data into the central platform. An attacker would need to be on the network already to exploit […]
Owners of Android and iOS devices should pay special attention to security updates released by Google and Apple on Monday, as they contain fixes for a series of critical bugs affecting their phone’s WiFi component. The issues, discovered by Google Project Zero security researcher Gal Beniamini, affect the Broadcom WiFi SoC (Software on Chip), included […]
Experts at Cylance disclosed two UEFI flaws that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. Experts at security firm Cylance have disclosed two UEFI vulnerabilities that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. The experts tested the latest firmware […]
Earlier this month, we teased a proof of concept for UEFI ransomware, which was presented at RSA Conference 2017. The HackingTeam, Snowden, Shadow Brokers, and Vault7 leaks have revealed that UEFI/BIOS implants aren’t just a theoretical concept, but have actually been weaponized by nation states to conduct cyber-espionage. Physical access requirements are a thing of […]
The SySS Radio Hack Box is a proof-of-concept software tool to demonstrate the replay and keystroke injection vulnerabilities of the wireless keyboard Cherry B.Unlimited AES. Requirements Raspberry Pi Raspberry Pi Radio Hack Box shield (a LCD, some LEDs, and some buttons) nRF24LU1+ USB radio dongle with flashed nrf-research-firmware by the Bastille Threat Research Team, e. […]
SQL Inject Me is a Firefox addon created by Security Compass it is used for finding SQL vulnerabilities in Web applications. SQL Injection vulnerabilities can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is Firefox […]
Drupal is a content management software. It’s utilized to make a considerable amount of the websites and applications you utilize each day. Its tools help you to build the versatile, organized content that dynamic web experience require. Drupal is a platform the United States, London, France, and more use to communicate with the citizen. It’s the […]
Shorebreak Security penetration testers discovered seven serious vulnerabilities in the dnaLIMS web application during the course of a blackbox penetration test for a customer. Shorebreak notified the vendor, who appears to have no interest in fixing his flawed software that is in use publicly at several other organizations. Impact An unauthenticated attacker has the ability to execute system […]
For the last couple of year, Google has been releasing details about unpatched vulnerabilities discovered by its researchers in Microsoft’s products. Now, to save itself from further embarrassment Microsoft has launched its bug bounty program in which the company is willing to pay up to $30,000 to hackers and security researchers for reporting flaws in […]
As I said on my previous article, being a penetration tester makes us feel like a group of traveler. Today, I would like to share a details about yet another 0day vulnerability we’ve found during penetration test which later lead us to take down entire domain network. Several days ago, Mucahit -who is also author […]
Chinese router maker TP-Link is wrestling with the disclosure of a handful of vulnerabilities in its C2 and C20i routers. The most severe of the flaws lead to remote code execution on a device; the attack, however, would require an attacker first obtain valid credentials. Researcher Pierre Kim disclosed the issue last week in an […]