Today’s VERT Alert addresses Microsoft’s June 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-835 on Wednesday, June 12th. In-The-Wild & Disclosed CVEs CVE-2019-1053 An issue where Windows Shell fails to properly validate folder shortcuts could lead to sandbox escape. The attacker would require the ability to […]
An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has […]
Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault. Graham […]
Welcome to Vim Sh*tty 2000 Proof-of-concept text files are now available that, when opened in a vulnerable installation of the Vim and Neovim, will execute commands on the underlying machine, or even open a backdoor.… The Register – Security
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads (software updates for example) from vendors that don’t validate data integrity. The Backdoor Factory allows you to patch binaries with shell-code so combining that with mitmproxy, which is a Python proxy-server that […]