searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters

PoC

Get our top stories in your inbox

Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)

July 20, 2021

A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been …

There are new unpatched bugs in Windows Print Spooler

July 19, 2021

Security researchers have unearthed new elevation of privilege (EoP) bugs in Windows Print Spooler, one of the oldest Windows components. Scarce details have been shared about …

PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)

June 30, 2021

CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …

Cisco security devices targeted with CVE-2020-3580 PoC exploit

June 29, 2021

Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …

Is it OK to publish PoC exploits for vulnerabilities and patches?

May 5, 2021

In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …

Using memory encryption in web applications to help reduce the risk of Spectre attacks

March 25, 2021

There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …

As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak

March 15, 2021

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early …

Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!

February 25, 2021

The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly …

Out-of-band Drupal security updates fix bugs with known exploits

November 27, 2020

Drupal has released out-of-band security updates to fix two critical code execution flaws (CVE-2020-28948, CVE-2020-28949) in Drupal core, as “there are known exploits …

Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCs

November 17, 2020

Cisco has patched two vulnerabilities in its Cisco Security Manager solution, both of which could allow unauthenticated, remote attackers to gain access to sensitive …

Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)

November 5, 2020

A critical vulnerability (CVE-2020-27955) in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, allows attackers to achieve remote code …

Google discloses actively exploited Windows zero-day (CVE-2020-17087)

November 2, 2020

Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …

Posts navigation

1 2 3 4 5 6 7 … 9

Featured news

  • Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)
  • What you need before the next vulnerability hits
  • Running a security program before your first security hire
How to protect online privacy in the age of pixel trackers

Sponsored

Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

Security in the cloud with more automation

CISOs struggle with stress and limited resources

How to scale cybersecurity for your business

Don't miss

Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)

Europol details ChatGPT’s potential for criminal abuse

What you need before the next vulnerability hits

Running a security program before your first security hire

What the food and building industry can teach us about securing embedded systems

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us