TSEC NEWS: 10.04.21 - Back again ||| cooming soon - 1. TSec-Accounts 2.comments 3. personalized feed... if i have the time

❈ S3 Ep27: Census scammers, beg bounties and data breach fines [Podcast]

IT Security Nachrichten nakedsecurity.sophos.com

New episode - listen now!...


Kompletten Artikel lesen (externe Quelle: https://nakedsecurity.sophos.com/2021/04/08/s3-ep27-census-scammers-beg-bounties-and-data-breach-fines-podcast/)

Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Diving Deep Into a Pwn2Own Winning WebKit Bug

vom 405.4 Punkte
Pwn2Own Tokyo just completed, and it got me thinking about a WebKit bug used by the team of Fluoroacetate (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver. It was a part of the chain that earned them $55,000 and was a nifty piece of

CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters

vom 316.35 Punkte
In April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931

CVE-2020-0729: Remote Code Execution Through .LNK Files

vom 267.7 Punkte
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, John Simpson and Pengsu Cheng of the Trend Micro Research Team detail a recent remote code execution bug in Microsoft Windows .LNK files. The following is a portion of

AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

vom 259.29 Punkte
Original release date: December 17, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) version 8 framework.

ConstraintLayout 2.0.0 beta 7

vom 236.37 Punkte
We are happy to announce the release of ConstraintLayout 2.0 beta 7. It’s available from the google maven repository:dependencies {    implementation 'androidx.constraintlayout:constraintlayout:2.0.0-beta7'}or if using the android.support packages:dependencies {    implementation 'com.android.support.constraint:constraint

Deobfuscating/REversing Remcos - AutoIt, Shellcode, and RunPE

vom 223.08 Punkte
Remcos is a robust RAT actively being used in the wild. This multi-staged/evasive RAT provides powerful functionality to an attacker. Each stage is written in a different language: AutoIt -> Shellcode -> C++. I wanted to explore both the evasiven

ConstraintLayout 2.0.0 beta 2

vom 215.18 Punkte
We are happy to announce the release of ConstraintLayout 2.0 beta 2. It’s available from the google maven repository: dependencies {    implementation 'com.android.support.constraint:constraint-layout:2.0.0-beta2'} or if using the AndroidX packages: dependencies {    implementation 'androidx.con

Australian Census Website Shut Down On Census Night After 4 DDoS Attacks

vom 214.2 Punkte
Heart44 writes: News sites are reporting that the Australian census website has been shut down until further notice. This happened on census night, Tuesday (Australian time), August 9th, 2016. This is the first attempt at an online census where [the internet]

Australian Census Website Shut Down On Census Night After 4 DDoS Attacks

vom 214.2 Punkte
Heart44 writes: News sites are reporting that the Australian census website has been shut down until further notice. This happened on census night, Tuesday (Australian time), August 9th, 2016. This is the first attempt at an online census where [the internet]

MindShaRE: Hardware Reversing with the TP-Link TL-WR841N Router

vom 205.03 Punkte
In early 2019, we received a bug submission from a new researcher affecting the TP-Link TL-WR841N Router. While this vulnerability is still in disclosure phase, we would like to share lessons learned when we were vetting this submission. TL-WR841N

Local Privilege Escalation in Win32k.sys Through Indexed Color Palettes

vom 201.92 Punkte
This is the second in our series of Top 5 interesting cases from 2019. Each of these bugs has some element that sets them apart from the more than 1,000 advisories released by the program this year. Today’s blog looks a local privilege escalation in t

ConstraintLayout 2.0.0 beta 5

vom 200.24 Punkte
We are happy to announce the release of ConstraintLayout 2.0 beta 5. It’s available from the google maven repository:dependencies {    implementation 'androidx.constraintlayout:constraintlayout:2.0.0-beta5'}or if using the android.support packages:dependencies {    implementation 'com.android.support.constraint:constraint

Team Security Diskussion über S3 Ep27: Census scammers, beg bounties and data breach fines [Podcast]