ZeroFont attacks involve inserting hidden words with a font size of zero that are invisible to the recipient into a phishing email in order to fool Microsoft's impersonation scanning.

Affected Software: IPConfigure Orchid Core VMS (All versions < 2.0.6, tested on Linux and Windows) Vulnerability: Unauthenticated Privileged Directory Traversal CVE: CVE-2018-10956 Impact: Arbit…

Taking a look how afl-fuzz behaves on different file systems.

Learn how CrowdStrike Services used the Office 365 Activities API to investigate Business Email Compromises (BECs) involving cyber fraud and theft.

While doing background research on OpenVPN I stumbled upon an interesting question on Stack Exchange.

I accidentally discovered a huge browser security bug. Here's what it does, and how I discovered it…

3 votes and 0 so far on reddit

Author: @Ambulong Security Team ChaMd5 disclose a Local File Inclusion vulnerability in phpMyAdmin latest version 4.8.1. And the exploiting of this vulnerability may lead to Remote Code Execution. In

The extremely popular video game Fortnite is coming to Android sometime this summer, and the fanbase is going wild. Not surprisingly, mobile malware developers are taking advantage. Already, there are several videos on YouTube with links claiming to be versions…

Some time ago, a case about a hacked baby monitor made the news in the US. A mother claimed someone had taken control over the device and surveilled her baby.

ARPPD - An ARP Poisoning Defender noscript

ARPPD - An ARP Poisoning Defender noscript

DanderSpritz_lab - A fully functional DanderSpritz lab in 2 commands

I’m going to walk through a simple yet high-impact privilege escalation I landed on while poking around…

2 votes and 0 so far on reddit