The #CERT Coordination Center (CERT/CC) has released information on 33 vulnerabilities, known as AMNESIA:33, affecting multiple embedded open-source Transmission Control Protocol/Internet Protocol (#TCP/IP) stacks. A remote attacker could #exploit some of these vulnerabilities to take control of an affected system.
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01
a denial of service bug worth 1000$
https://hackerone.com/reports/1018037
https://hackerone.com/reports/1018037
HackerOne
Basecamp disclosed on HackerOne: a very long name in hey.com can...
Summary :
=========
after trying to change my initial name to something long i found out that their are no limits to how long it can be , so i directly changed it to something very long {F1050497}...
=========
after trying to change my initial name to something long i found out that their are no limits to how long it can be , so i directly changed it to something very long {F1050497}...
PoC exploits for CVE-2020-17143 and CVE-2020-17141 which demonstrate the XXE bugs against Exchange Server.
- Low privileged authentication only
- CVE-2020-17141 is interesting because its in the EWS API
https://srcincite.io/pocs/cve-2020-17143.py.txt
https://srcincite.io/pocs/cve-2020-17141.py.txt
- Low privileged authentication only
- CVE-2020-17141 is interesting because its in the EWS API
https://srcincite.io/pocs/cve-2020-17143.py.txt
https://srcincite.io/pocs/cve-2020-17141.py.txt
Forwarded from Security Analysis
CVE-2020-25695 Privilege Escalation in Postgresql - Staaldraad
https://staaldraad.github.io/post/2020-12-15-cve-2020-25695-postgresql-privesc/
#db #pe #postgresql @securation
https://staaldraad.github.io/post/2020-12-15-cve-2020-25695-postgresql-privesc/
#db #pe #postgresql @securation
Staaldraad
CVE-2020-25695 Privilege Escalation in Postgresql
It has been quite a year, I hope everyone is well and staying safe. This is my first and probably only post for the year, and covers a fun privilege escalation vulnerability I found in Postgresql. This affects all supported versions of Postgresql going back…
Trump Twitter Account Hacked, No Charges: Dutch Prosecutors
https://ift.tt/2KAz4HZ
https://ift.tt/2KAz4HZ
SecurityWeek
Trump Twitter Account Hacked, No Charges: Dutch Prosecutors
Dutch prosecutors said a man had cracked US President Donald Trump's Twitter account in October despite denials from Washington and the company.
#Privacy and #CyberCrime: Apple, Google, Microsoft, and Mozilla ban Kazakhstan's 🇰🇿 MitM HTTPS certificate.
https://www.zdnet.com/article/apple-google-microsoft-and-mozilla-ban-kazakhstans-mitm-https-certificate
https://www.zdnet.com/article/apple-google-microsoft-and-mozilla-ban-kazakhstans-mitm-https-certificate
ZDNet
Apple, Google, Microsoft, and Mozilla ban Kazakhstan's MitM HTTPS certificate
This marks the second time browsers makers had to intervene and block a certificate used by the Kazakhstan government to spy on its citizens.
Data Science Full Course in 12 Hours
by Intellipaat
#datascience
https://www.youtube.com/watch?v=82pV44hr7kQ
by Intellipaat
#datascience
https://www.youtube.com/watch?v=82pV44hr7kQ
YouTube
Data Science Course | Data Science Tutorial | Intellipaat
🔵 Intellipaat Data Science Training: https://intellipaat.com/data-scientist-course-training/
This is a Live Data Science session conducted by top industry experts. In this live event, we will teach you to complete data science from basics to advance level…
This is a Live Data Science session conducted by top industry experts. In this live event, we will teach you to complete data science from basics to advance level…