Authored by Ivan Fratric, Google Security Research
There is an intra-object overflow in Shannon Baseband, inside the 5G SM protocol implementation (NrSmMsgCodec as it is...
By: Ravie Lakshmanan
Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint...
By: Ravie Lakshmanan
An unknown threat actor with the capabilities to evolve and tailor its toolset to target environments infiltrated high-profile organizations in Asia and...
By: Tina Martin
Why You Need Cybersecurity to Protect Your Greatest Assets
When it comes to cybersecurity, you can never be too careful. After all, not...
By: Ravie Lakshmanan
ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub...
Security researchers identified a high-impact vulnerability in software licensed to multiple router vendors. Affected devices are at risk of a remote code execution (RCE)...
By: Ravie Lakshmanan
A highly sophisticated adversary named LightBasin has been identified as behind a string of attacks targeting the telecom sector with the goal...
I Can Haz Domain Admin?
Active Directory security is notoriously difficult. Small organizations generally have no idea what they're doing, and way too many people...
domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.
Usage
Flags
This...
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware.
Sniffle has a number of useful features, including:
Support for BT5/4.2 extended...
Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services.
COMING SOON: SMB,...
This project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds...
Authored by h00die-gr3y | Site metasploit.com
The Acronis Cyber Protect appliance, in its default configuration, allows the anonymous registration of new protect/backup agents on new...
Authored by Stefan Viehboeck, Constantin Schieber-Knöbl | Site sec-consult.com
Various Siemens products suffer from vulnerabilities. There is an unlocked JTAG Interface for Zynq-7000 on SM-2558...
Authored by Daniel Hirschberger | Site sec-consult.com
Omada Identity versions prior to 15U1 and 14.14 hotfix #309 suffer from a persistent cross site scripting vulnerability.
advisories...