Security News

Critical Cisco Flaws Now Have PoC Exploit
2020-01-16 22:18

Proof-of-concept exploit code has been published for critical flaws impacting the Cisco Data Center Network Manager tool for managing network platforms and switches. The three critical vulnerabilities in question impact DCNM, a platform for managing Cisco data centers that run Cisco's NX-OS - the network operating system used by Cisco's Nexus-series Ethernet switches and MDS-series Fibre Channel storage area network switches.

PoC Exploits Released for Cisco DCNM Vulnerabilities
2020-01-16 19:00

A researcher who discovered many vulnerabilities in Cisco's Data Center Network Manager product has made public some proof-of-concept exploits and technical details. In early January, Cisco informed customers that it had released updates for DCNM to address several critical and high-severity vulnerabilities.

PoC Exploits Published For Microsoft Crypto Bug
2020-01-16 16:05

Two proof-of-concept exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft. The two PoC exploits were published to GitHub on Thursday.

PoC Exploits Released for Crypto Vulnerability Found by NSA
2020-01-16 14:13

Several proof-of-concept exploits have already been created - and some of them have been made public - for CVE-2020-0601, the crypto-related Windows vulnerability that Microsoft patched recently after being notified by the U.S. National Security Agency. Currently, there is no evidence that the vulnerability has been exploited in attacks, but PoC exploits have been created for CVE-2020-0601 much faster than many had anticipated.

Unpatched Citrix Flaw Now Has PoC Exploits
2020-01-13 15:32

Proof-of-concept exploit code has been released for an unpatched remote-code-execution vulnerability in the Citrix Application Delivery Controller and Citrix Gateway products. The vulnerability, which Threatpost reported on in December, already packs a double-punch in terms of severity: Researchers say it is extremely easy to exploit, and affects all supported versions of Citrix Gateway products and Citrix ADC, a purpose-built networking appliance meant to improve the performance and security of applications delivered over the web.

PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability
2020-01-11 02:22

Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC and Gateway products that could allow anyone to leverage them to take full control over potential enterprise targets. Just before the last Christmas and year-end holidays, Citrix announced that its Citrix Application Delivery Controller and Citrix Gateway are vulnerable to a critical path traversal flaw that could allow an unauthenticated attacker to perform arbitrary code execution on vulnerable servers.

Week in review: The data skills gap,  new Kali Linux release, Apache Solr RCEs with public PoCs
2019-12-01 16:30

Here’s an overview of some of last week’s most interesting news and articles: The overlooked part of an infosec strategy: Cyber insurance underwriting When a data breach or cyber attack hits the...

Apache Solr RCEs with public PoCs could soon be exploited
2019-11-25 10:33

Two remote code execution (RCE) vulnerabilities in Apache Solr could be exploited by attackers to compromise the underlying server. One – CVE-2019-12409 – has already been patched, while the other...

PoC Exploits Published for Unpatched RCE Bugs in rConfig
2019-11-05 10:22

A security researcher has published proof of concept exploits for two remote code execution vulnerabilities in rConfig that haven’t been patched yet. read more

Researcher Publishes PoC Exploit for Recent Android Zero-Day
2019-10-18 07:04

A security researcher has published a proof-of-concept (PoC) exploit for the recently addressed Android zero-day vulnerability that impacts Pixel 2 devices. read more