webdav – WindowsTechs.com

Energy, Nuclear Targeted with Template Injection Attacks

Posted on July 10, 2017 by Tom Spring

Adversaries are using the SMB communications channel to launch template injection attacks against the energy sector, including nuclear facilities. Continue reading Energy, Nuclear Targeted with Template Injection Attacks→

VU#921560: Microsoft OLE URL Moniker improperly handles remotely-linked HTA data

Posted on April 10, 2017 by CERT

Microsoft OLE uses the URL Moniker to open application data based on the server-provided MIME type,which can allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system. Continue reading VU#921560: Microsoft OLE URL Moniker improperly handles remotely-linked HTA data→

Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched

Posted on March 29, 2017 by Michael Mimoso

Researchers have disclosed a zero-day vulnerability and proof-of-concept exploit for a flaw in Microsoft IIS 6.0. The zero-day has been under attack since last July, the researchers said. Continue reading Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched→

DAVScan – WebDAV Security Scanner

Posted on January 2, 2017 by Darknet

DAVScan is a quick and lightweight WebDAV security scanner designed to discover hidden files and folders on DAV enabled web servers. The scanner works by taking advantage of overly privileged/misconfigured WebDAV servers or servers vulnerable to variou… Continue reading DAVScan – WebDAV Security Scanner→