Monthly Archives: April 2016
55 Million Voters' Details Leaked In The Philippines
How To Make Big Bucks Hunting Cyber Bugs
Ransomware Targets Called By Name In Spear-Phishing Blast
New feature in Avast Wi-Fi Finder: Offline Mode
Avast Wi-Fi Finder’s Offline Mode helps you find hotspots without an Internet connection.
It’s never a pleasant experience to find yourself roaming around a foreign city unable to find Wi-Fi hotspots, especially when you’re unable to use your own data plan to begin with. In these cases, wouldn’t it be great to have a tool that could simply work its magic and locate nearby hotspots?
Panama Papers: How did it probably happen?
The hot topic of the moment is the Panama Papers, a name given to the leak of classified information on the secret accounts of many important public figures worldwide. The news about them potentially evading the tax authorities through off-shore accounts was revealed by a team of 370 journalists from all over the world — and no one had a clue of the story before the news broke. But how was that possible?
The post Panama Papers: How did it probably happen? appeared first on Avira Blog.
Monsta Box WebFTP 1.8.2 and below arbitrary file read and path traversal vulnerabilities
Posted by Imre RAD on Apr 07
Application
———–
“MONSTA Box is a lightweight open-source file manager you can install on
your website or server * to easily manage your files through any browser.”
(Description from the official website http://www.monstahq.com/)
Vulnerability
————-
The Monsta Box WebFTP application supports file templates when creating
new files. The template parameter is part of the HTTP request so it is a
user input and it was not…
Mumblehard takedown ends army of Linux servers from spamming
One year after the release of the technical analysis of the Mumblehard Linux botnet, it is no longer active. ESET, in collaboration with the Cyber Police of Ukraine and CyS Centrum LLC, have taken down the botnet, stopping its spamming activities.
The post Mumblehard takedown ends army of Linux servers from spamming appeared first on We Live Security.
Introducing Metaphor: Another Android Stagefright exploit
Researchers in Israel have come across a new way of exploiting the Stagefright vulnerability that was uncovered last year, and which affects the library that Android uses to analyze multimedia files.
The post Introducing Metaphor: Another Android Stagefright exploit appeared first on We Live Security.
CVE-2016-0888 (documentum_d2)
EMC Documentum D2 before 4.6 lacks intended ACLs for configuration objects, which allows remote authenticated users to modify objects via unspecified vectors.