Serverless botnets could soon become reality
We have been accustomed to think about botnets as a network of compromised machines – personal devices, IoT devices, servers – waiting for their masters’ …
PoC
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited …
Windows zero-day flaw and PoC unveiled via Twitter
A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it have been revealed on Monday by someone who goes by SandboxEscaper on Twitter. The …
PoC exploit for critical Apache Struts flaw found online
The Apache Software Foundation revealed last week the existence of a critical Apache Struts flaw (CVE-2018-11776) similar to the one exploited in the Equifax breach and urged …
Cisco ASA and Firepower flaw exploited in the wild
A high-severity vulnerability affecting Cisco ASA and Firepower security appliances is being exploited in the wild after an exploit has been released online on Friday. …
Robots hijacked by ransomware may soon become a reality
How soon will we see our home, office or industrial robots being hijacked and held ransom by attackers? If they dedicate their efforts to research, that day may come sooner …
Hotspot Shield VPN flaw can betray users’ location
A flaw in the widely used Hotspot Shield VPN utility can be exploited by attackers to obtain sensitive information that could be used to discover users’ location and, …
How to make public Wi-Fi users mine cryptocurrency for you
Covertly roping unsuspecting users’ machines into mining cryptocurrency is a dream for many aspiring cryptocurrency owners, and some of them set aside ethical …
Camera-based, single-step two-factor authentication resilient to pictionary, shoulder surfing attacks
A group of researchers from Florida International University and Bloomberg LP have created Pixie, a camera-based two-factor authentication system that could end up being a …
Google Chrome remote code execution flaw detailed, PoC released
Vulnerability broker Beyond Security has released details about and Proof of Concept code for a remote code execution bug affecting Google Chrome. “The [type confusion] …
