Security News

SNMP Authentication Bypass Plagues Numerous Devices (SecurityWeek)
2017-04-28 06:48

Flaws Allowed Hackers to Bypass LastPass 2FA (SecurityWeek)
2017-04-21 08:33

Drupal Closes Access Bypass Vulnerability in Core Engine (Threatpost)
2017-04-20 13:57

Drupal released a point update for its core engine to patch a critical access bypass vulnerability.

Drupal Patches Critical Access Bypass Flaw (SecurityWeek)
2017-04-20 07:33

Fileless UAC Bypass Uses Windows Backup and Restore Utility (Threatpost)
2017-03-27 16:13

Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert.

Fileless Attack Can Bypass User Account Control in Windows 10 (SecurityWeek)
2017-03-20 20:47

App Paths Used to Bypass User Account Control in Windows 10 (SecurityWeek)
2017-03-19 14:33

Researcher Discloses Google ReCaptcha v2 Bypass (SecurityWeek)
2017-03-03 15:40

Google reCaptcha Bypass Technique Uses Google’s Own Tools (Threatpost)
2017-03-02 12:00

A proof of concept bypass of Google's CAPTCHA verification system uses Google's own web-based tools to pull off the skirting of the system.

Java, Python FTP Injection Attacks Bypass Firewalls (Threatpost)
2017-02-23 14:19

Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.