Aggregator
CVE-2005-1857 | simpleproxy 2.2b/3.0/3.1/3.2 memory corruption (VU#139421 / Nessus ID 19529)
CVE-2005-2344 | RIM BlackBerry Enterprise Server 4.0 memory corruption (VU#646976 / Nessus ID 20982)
CVE-2005-2455 | Greasemonkey 0.3.3 api information disclosure (EDB-26017 / XFDB-21453)
CVE-2005-1609 | Sun StorEdge 6130 Arrays Stored Remote Code Execution (VU#812438 / XFDB-20542)
CVE-2005-1530 | Sophos Anti-Virus up to 5.0.1 ZIP Archive Extra Field Length infinite loop (XFDB-21373 / SBV-9684)
VAC kernel-mode bypass: Fully working kernel-mode VAC bypass
VAC kernel-mode bypass Fully working VAC kernel-mode bypass, it makes use of either SSDT hooks or Infinityhook to intercept VAC syscalls and ultimately spoof the results in order to bypass the memory integrity checks....
The post VAC kernel-mode bypass: Fully working kernel-mode VAC bypass appeared first on Penetration Testing Tools.
domain-protect: prevent subdomain takeover
domain-protect scan Amazon Route53 across an AWS Organization for domain records vulnerable to takeover scan Cloudflare for vulnerable DNS records take over vulnerable subdomains yourself before attackers and bug bounty researchers automatically create known issues in Bugcrowd or HackerOne...
The post domain-protect: prevent subdomain takeover appeared first on Penetration Testing Tools.
CatSniffer: original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT devices
CatSniffer CatSniffer (😼) is an original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT (Internet of Things) devices. It was designed as a highly portable USB stick that integrates the new...
The post CatSniffer: original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT devices appeared first on Penetration Testing Tools.
【年底冲刺】最高2倍积分奖励
CVE-2014-3631 | Linux Kernel 3.16.0/3.16.1/3.16.2 Array Garbage null pointer dereference (USN-2378-1 / EDB-36268)
NERCIS合规检测工具箱11月22日正式发布
Will Arrests Squash Scattered Spider's Cybercrime Assault?
Will the indictment of five alleged members of the loosely affiliated Scattered Spider cybercrime group disrupt its wider activities? The current count of known attacks tied to the group stands at over 130, but the accused have so far been tied by the FBI to only 45 of the attacks.
CISA Red Team Finds Alarming Critical Infrastructure Risks
The U.S., cyber defense agency is urging critical infrastructure operators to learn from the experience of a volunteer read teaming test and not rely too heavily on host-based endpoint detection and response solutions at the expense of network layer protections.
GAO: HHS Needs to Be a Better Leader in Health Sector Cyber
The U.S. Department of Health and Human Services needs to take important actions to do a better job of carrying out its duties as the lead federal agency responsible for strengthening cybersecurity in the healthcare and public health sector, said a new federal watch dog agency report.
Wiz Fortifies Application Security With $450M Dazz Purchase
Wiz acquired application security posture management startup Dazz for $450 million to provide enterprises with a unified code-to-cloud solution. CEO Merav Bahat highlights how this partnership will streamline vulnerability management and strengthen remediation capabilities for global organizations.
British Lawmakers Leery of Losing EU Adequacy Status
British lawmakers sought assurances Tuesday from the U.K. government that proposed data use reform legislation will not cause the country to lose its data-sharing rights with the European Union. Lawmakers also warned about potential AI risks arising from the bill.