a denial of service bug worth 1000$
https://hackerone.com/reports/1018037
https://hackerone.com/reports/1018037
HackerOne
Basecamp disclosed on HackerOne: a very long name in hey.com can...
Summary :
=========
after trying to change my initial name to something long i found out that their are no limits to how long it can be , so i directly changed it to something very long {F1050497}...
=========
after trying to change my initial name to something long i found out that their are no limits to how long it can be , so i directly changed it to something very long {F1050497}...
PoC exploits for CVE-2020-17143 and CVE-2020-17141 which demonstrate the XXE bugs against Exchange Server.
- Low privileged authentication only
- CVE-2020-17141 is interesting because its in the EWS API
https://srcincite.io/pocs/cve-2020-17143.py.txt
https://srcincite.io/pocs/cve-2020-17141.py.txt
- Low privileged authentication only
- CVE-2020-17141 is interesting because its in the EWS API
https://srcincite.io/pocs/cve-2020-17143.py.txt
https://srcincite.io/pocs/cve-2020-17141.py.txt
Forwarded from Security Analysis
CVE-2020-25695 Privilege Escalation in Postgresql - Staaldraad
https://staaldraad.github.io/post/2020-12-15-cve-2020-25695-postgresql-privesc/
#db #pe #postgresql @securation
https://staaldraad.github.io/post/2020-12-15-cve-2020-25695-postgresql-privesc/
#db #pe #postgresql @securation
Staaldraad
CVE-2020-25695 Privilege Escalation in Postgresql
It has been quite a year, I hope everyone is well and staying safe. This is my first and probably only post for the year, and covers a fun privilege escalation vulnerability I found in Postgresql. This affects all supported versions of Postgresql going back…
Trump Twitter Account Hacked, No Charges: Dutch Prosecutors
https://ift.tt/2KAz4HZ
https://ift.tt/2KAz4HZ
SecurityWeek
Trump Twitter Account Hacked, No Charges: Dutch Prosecutors
Dutch prosecutors said a man had cracked US President Donald Trump's Twitter account in October despite denials from Washington and the company.
#Privacy and #CyberCrime: Apple, Google, Microsoft, and Mozilla ban Kazakhstan's 🇰🇿 MitM HTTPS certificate.
https://www.zdnet.com/article/apple-google-microsoft-and-mozilla-ban-kazakhstans-mitm-https-certificate
https://www.zdnet.com/article/apple-google-microsoft-and-mozilla-ban-kazakhstans-mitm-https-certificate
ZDNet
Apple, Google, Microsoft, and Mozilla ban Kazakhstan's MitM HTTPS certificate
This marks the second time browsers makers had to intervene and block a certificate used by the Kazakhstan government to spy on its citizens.
Data Science Full Course in 12 Hours
by Intellipaat
#datascience
https://www.youtube.com/watch?v=82pV44hr7kQ
by Intellipaat
#datascience
https://www.youtube.com/watch?v=82pV44hr7kQ
YouTube
Data Science Course | Data Science Tutorial | Intellipaat
🔵 Intellipaat Data Science Training: https://intellipaat.com/data-scientist-course-training/
This is a Live Data Science session conducted by top industry experts. In this live event, we will teach you to complete data science from basics to advance level…
This is a Live Data Science session conducted by top industry experts. In this live event, we will teach you to complete data science from basics to advance level…
Israel based hacking company Celebite claims to have cracked the encryption of Signal messenger.
https://www.cellebrite.com/en/blog/cellebrites-new-solution-for-decrypting-the-signal-app/
Response from the creator of Signal:
https://mobile.twitter.com/moxie/status/1337434126186553345
Reference:
https://www.bbc.com/news/amp/technology-55412230
https://www.cellebrite.com/en/blog/cellebrites-new-solution-for-decrypting-the-signal-app/
Response from the creator of Signal:
https://mobile.twitter.com/moxie/status/1337434126186553345
Reference:
https://www.bbc.com/news/amp/technology-55412230
Google hackers disclose exploit for an UNPATCHED Windows vulnerability (CVE-2020-0986) that was exploited as 0-day in the wild, for which Microsoft issued an incomplete patch and then failed to patch it again under the 90-day deadline.
Read — https://thehackernews.com/2020/12/google-discloses-poorly-patched-now.html
Read — https://thehackernews.com/2020/12/google-discloses-poorly-patched-now.html
Ongoing DDoS attack impacting Netscaler ADCS.
https://www.bleepingcomputer.com/news/security/citrix-confirms-ongoing-ddos-attack-impacting-netscaler-adcs/
https://www.bleepingcomputer.com/news/security/citrix-confirms-ongoing-ddos-attack-impacting-netscaler-adcs/
BleepingComputer
Citrix confirms ongoing DDoS attack impacting NetScaler ADCs
Citrix has confirmed today that an ongoing 'DDoS attack pattern' using DTLS as an amplification vector is affecting Citrix Application Delivery Controller (ADC) networking appliances with EDT enabled.
Vulnerabilities in McAfee ePolicy Orchestrator
https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
PT SWARM
Vulnerabilities in McAfee ePolicy Orchestrator
This August, I discovered three vulnerabilities in McAfee ePolicy Orchestrator (ePO) version 5.10.0. McAfee ePO is software that helps IT administrators unify security management across endpoints, networks, data, and compliance solutions from McAfee and…
Best of Linux Privilege Escalation
Linux Privilege Escalation using Capabilities
https://lnkd.in/fuj7vUD
Lxd Privilege Escalation
https://lnkd.in/gRfBdJt
Docker Privilege Escalation
https://lnkd.in/f9kreJj
Exploiting Wildcard for Privilege Escalation
https://lnkd.in/dj3dagD
Linux Privilege Escalation using LD_Preload
https://lnkd.in/gbZJ9Mn
Linux Privilege Escalation Using PATH Variable
https://lnkd.in/fDNjsgB
Linux Privilege Escalation using Misconfigured NFS
https://lnkd.in/fgJfS3x
Linux Privilege Escalation using Sudo Rights
https://lnkd.in/fxPnTiU
Linux Privilege Escalation using SUID Binaries
https://lnkd.in/fkciJKr
Editing /etc/passwd File for Privilege Escalation
https://lnkd.in/fVj3c28
Linux Privilege Escalation using Capabilities
https://lnkd.in/fuj7vUD
Lxd Privilege Escalation
https://lnkd.in/gRfBdJt
Docker Privilege Escalation
https://lnkd.in/f9kreJj
Exploiting Wildcard for Privilege Escalation
https://lnkd.in/dj3dagD
Linux Privilege Escalation using LD_Preload
https://lnkd.in/gbZJ9Mn
Linux Privilege Escalation Using PATH Variable
https://lnkd.in/fDNjsgB
Linux Privilege Escalation using Misconfigured NFS
https://lnkd.in/fgJfS3x
Linux Privilege Escalation using Sudo Rights
https://lnkd.in/fxPnTiU
Linux Privilege Escalation using SUID Binaries
https://lnkd.in/fkciJKr
Editing /etc/passwd File for Privilege Escalation
https://lnkd.in/fVj3c28
lnkd.in
LinkedIn
This link will take you to a page that’s not on LinkedIn