PoC – Page 15 – WindowsTechs.com

PoC exploit for Windows Shell RCE released

Posted on October 12, 2018 by Zeljka Zorz

Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited via Microsoft Edge has been published and can be easily adapted by attackers. A… Continue reading PoC exploit for Windows Shell RCE released→

How Do You Establish Credibility?

Posted on October 2, 2018 by Jane Grafton

Earlier this month, we met with our Executive Advisory Board. These are seasoned Chief Information Security Officers commanding enterprise security teams in various industries. In short, they are incredibly smart leaders who know exactly who they are a… Continue reading How Do You Establish Credibility?→

Windows zero-day flaw and PoC unveiled via Twitter

Posted on August 28, 2018 by Zeljka Zorz

A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it have been revealed on Monday by someone who goes by SandboxEscaper on Twitter. The user in question deleted the account soon after, but not before sharp-eyed secur… Continue reading Windows zero-day flaw and PoC unveiled via Twitter→

PoC exploit for critical Apache Struts flaw found online

Posted on August 27, 2018 by Zeljka Zorz

The Apache Software Foundation revealed last week the existence of a critical Apache Struts flaw (CVE-2018-11776) similar to the one exploited in the Equifax breach and urged organizations and developers to upgrade their installations to versions 2.3.3… Continue reading PoC exploit for critical Apache Struts flaw found online→

PoC Code Surfaces to Exploit Apache Struts 2 Vulnerability

Posted on August 24, 2018 by Tom Spring

Researchers find proof-of-concept code that can take advantage of the recently identified Apache Struts framework (CVE-2018-11776) vulnerability. Continue reading PoC Code Surfaces to Exploit Apache Struts 2 Vulnerability→

Researchers aim to befuddle cybercriminals with defensive WWII fighter pilot trick

Posted on August 9, 2018 by Filip Truta

Most ethical hackers prefer to lend their services to eliminate potentially harmful bugs. But one team of white hats wants to test the opposite approach to thwarting bad actors – by wasting their time and resources with non-exploitable, intention… Continue reading Researchers aim to befuddle cybercriminals with defensive WWII fighter pilot trick→

Skills That a ‘Next-Level’ Pentester Should Have

Posted on July 25, 2018 by Moshe Zioni

Top tier penetration testers are a breed of their own. Here is how to make sure your pentester is topnotch. Continue reading Skills That a ‘Next-Level’ Pentester Should Have→

Cisco ASA and Firepower flaw exploited in the wild

Posted on June 26, 2018 by Zeljka Zorz

A high-severity vulnerability affecting Cisco ASA and Firepower security appliances is being exploited in the wild after an exploit has been released online on Friday. “Cisco PSIRT has become aware of a public proof-of-concept exploit and is awar… Continue reading Cisco ASA and Firepower flaw exploited in the wild→

Robots hijacked by ransomware may soon become a reality

Posted on March 9, 2018 by Zeljka Zorz

How soon will we see our home, office or industrial robots being hijacked and held ransom by attackers? If they dedicate their efforts to research, that day may come sooner rather than later. Attack demonstration IOActive researchers Lucas Apa and Cesa… Continue reading Robots hijacked by ransomware may soon become a reality→

Hotspot Shield VPN flaw can betray users’ location

Posted on February 7, 2018 by Zeljka Zorz

A flaw in the widely used Hotspot Shield VPN utility can be exploited by attackers to obtain sensitive information that could be used to discover users’ location and, possibly and ultimately, their real-world identity. About the vulnerability Acc… Continue reading Hotspot Shield VPN flaw can betray users’ location→