Happy.birth(day);
/* 17 - 08 -1936 */

Hypervisor introspection from guest VM with the help of DIY Hyper-V backdoor . (1)

Hypervisor introspection from guest VM with the help of DIY Hyper-V backdoor (2)

CVE-2017-6327: Symantec Messaging Gateway <= 10.6.3-2 unauthenticated root RCE

http://seclists.org/fulldisclosure/2017/Aug/28

#Alerta :

Nuevo #Ransomware SyncCrypt se oculta en archivos JPG.

https://www.bleepingcomputer.com/news/security/synccrypt-ransomware-hides-inside-jpg-files-appends-kk-extension/

telmex down !!

Aproximadamente desde las 17:00 hrs los servicios de #Telmex no funcionan, esta es una gráfica de los estados en los que los usuarios se han quejado de esta falla.

Tranquilos, los ingenieros de Telmex se encuentran solucionando los problemas técnicos. </LOL>

:) gracias mr slim !

Bitdefender: Heap Buffer Overflow via 7z LZMA


A few days after having published the post about the Bitdefender stack buffer overflow via 7z PPMD1, I discovered a new bug in Bitdefender’s product. While this is a 7z bug, too, it has nothing to do with the previous bug or with the PPMD codec. Instead, it concerns dynamic memory management. In contrast to the previous post2, which described an arbitrary free vulnerability in F-Secure’s anti-virus product, this post presents the first heap buffer overflow of this blog series.


https://landave.io/2017/08/bitdefender-heap-buffer-overflow-via-7z-lzma/

Who needs Macros when you have PowerPoint "Mouse Over Actions" 😀😀

Office 2016 -> save as PPS 2003-2007 version.

Apple's .pkg installer app loads unsigned dylibs from /tmp into its trusted (entitled) process context🍎 Non-priv'd local code can hijack ☠️🤷

The Hacker Crackdown is now available online. https://archive.org/details/hypercard_the-hacker-crackdown

Microsoft and Red Hat announces expanded partnership enabling enterprises to more easily adopt containers

http://u.tpx.mx/lolmsrdht

Exploiting Industrial Collaborative Robots http://blog.ioactive.com/2017/08/Exploiting-Industrial-Collaborative-Robots.html