🕴 TrickBot Group Adds New PowerShell-Based Backdoor to Arsenal 🕴
via "Dark Reading".
PowerTrick is sort of a custom version of PowerShell Empire and can be used to download additional malware, SentinelOne says.
ATTENTION‼ New - CVE-2012-2724
via "National Vulnerability Database".
The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page.
ATTENTION‼ New - CVE-2012-2714
via "National Vulnerability Database".
The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier.
ATTENTION‼ New - CVE-2012-1261
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter.
ATTENTION‼ New - CVE-2012-1260
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter. NOTE: this might not be a vulnerability, since an administrator might already have the privileges to create arbitrary script.
ATTENTION‼ New - CVE-2012-1259
via "National Vulnerability Database".
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter.
ATTENTION‼ New - CVE-2012-1258
via "National Vulnerability Database".
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allows remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters.
🔐 Patscan platform detects hidden weapons, chemicals and bombs 🔐
via "Security on TechRepublic".
At CES 2020, Patriot One Technologies explained its Patscan platform, which can detect hidden weapons and more without the perpetrator even knowing they've been scanned.
🕴 Chinese Malware Found Preinstalled on US Government-Funded Phones 🕴
via "Dark Reading".
Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless.
ATTENTION‼ New - CVE-2012-5558
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym.
ATTENTION‼ New - CVE-2012-4434
via "National Vulnerability Database".
fwknop before 2.0.3 allows remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.
ATTENTION‼ New - CVE-2012-3810
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has registry modification.
ATTENTION‼ New - CVE-2012-3809
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.
ATTENTION‼ New - CVE-2012-3808
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.
ATTENTION‼ New - CVE-2012-3807
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.
ATTENTION‼ New - CVE-2012-3806
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service.
ATTENTION‼ New - CVE-2012-3490
via "National Vulnerability Database".
The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 do not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.
ATTENTION‼ New - CVE-2012-2950
via "National Vulnerability Database".
Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information.
ATTENTION‼ New - CVE-2012-2931
via "National Vulnerability Database".
PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file.
ATTENTION‼ New - CVE-2012-2226
via "National Vulnerability Database".
Invision Power Board before 3.3.1 fails to sanitize user-supplied input, which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.
ATTENTION‼ New - CVE-2012-2142
via "National Vulnerability Database".
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.