Apple iOS version 11.2.5, watchOS version 4.2.2, and tvOS version 11.2.5 bluetoothd memory corruption proof of concept exploit.
Powered by WPeMatico
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 bluetoothd Memory Corruption
Monthly Archives: February 2018
uTorrent Users Warned of Remote Code Execution Vulnerability
Google Project Zero researchers are warning of two critical remote code vulnerabilities in popular versions of uTorrent’s web-based BitTorrent client and its uTorrent Classic desktop client.
Powered by WPeMatico
Intel Issues Updated Spectre Firmware Fixes For Newer Processors
Intel has issued a firmware fix to help its Kaby Lake, Coffee Lake and Skylake processors address the Spectre security flaw.
Powered by WPeMatico
New BEC Spam Campaign Targets Fortune 500 Businesses
A new business email compromise campaign targets financial transactions tied to Fortune 500 firms.
Powered by WPeMatico
Hashcat Advanced Password Recovery 4.1.0 Source Code
Hashcat is an advanced GPU hash cracking utility that includes the World’s fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
Powered by WPeMatico
Yab Quarx 2.4.3 Cross Site Scripting
Yab Quarx versions 2.4.3 and below suffer from multiple cross site scripting vulnerabilities.
Powered by WPeMatico
Flight Sim Labs’ ‘Heavy Handed’ Anti-Piracy Tactics Raise Hackles
Developer Flight Sim Labs is in hot water after acknowledging that it has installed malware in its flight simulator product that it said targets pirate users of its software.
Powered by WPeMatico
MagniComp SysInfo mcsiwrapper Privilege Escalation
This Metasploit module attempts to gain root privileges on systems running MagniComp SysInfo versions prior to 10-H64. The .mcsiwrapper suid executable allows loading a config file using the ‘–configfile’ argument. The ‘ExecPath’ config directive is used to set the executable load path. This Metasploit module abuses this functionality to set the load path resulting in execution of arbitrary code as root. This Metasploit module has been tested successfully with SysInfo version 10-H63 on Fedora 20 x86_64, 10-H32 on Fedora 27 x86_64, 10-H10 on Debian 8 x86_64, and 10-GA on Solaris 10u11 x86.
Powered by WPeMatico
Radiant CMS 1.1.4 Cross Site Scripting
Radiant CMS version 1.1.4 suffers from a persistent cross site scripting vulnerability.
Powered by WPeMatico
Year-Old Coldroot RAT Targets MacOS, Still Evades Detection
Researchers are warning users about the Coldroot remote access Trojan that is going undetected by AV engines and targets MacOS computers.
Powered by WPeMatico