This Metasploit module exploits a file upload vulnerability in Wolf CMS version 0.8.2. This application has an upload feature that allows an authenticated user with administrator roles to upload arbitrary files to the ‘/public’ directory.
Monthly Archives: June 2016
Nuclear, Angler Exploit Kit Activity Has Disappeared
Researchers who study exploit kits are reporting that two major kits, Angler and Nuclear, may no longer be available.
Email Servers For More Than Half of World’s Top Sites Can Be Spoofed
More than half of the world’s top sites suffer from misconfigured email servers, something that heightens the risk of having spoofed emails sent from their domains, researchers warn.
Windows x86 ShellExecuteA(NULL,NULL,"cmd.exe",NULL,NULL,1) Shellcode
Windows x86 ShellExecuteA(NULL,NULL,”cmd.exe”,NULL,NULL,1) shellcode.
Ransomware A Two-Year Nightmare in the Making
The last two years have seen an astounding growth in the number of people encountering ransomware.
Advantech Patches WebAccess Remote Code Execution Flaws
Advantech has published a new version of its WebAccess product to address vulnerabilities that put installations at risk to remote code execution attacks.
Bounty time for bugs at Avira
The field is open for bug hunters
The post Bounty time for bugs at Avira appeared first on Avira Blog.
Facebook’s Mark Zuckerberg ‘tapes over webcam’
A Facebook post from Mark Zuckerberg ‘reveals’ that he is serious about security, as it seems to show that his webcam is covered up with tape.
The post Facebook’s Mark Zuckerberg ‘tapes over webcam’ appeared first on We Live Security.
WordPress Releases Security Update
Original release date: June 22, 2016
WordPress 4.5.2 and prior versions are affected by several security issues. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 4.5.3.
This product is provided subject to this Notification and this Privacy & Use policy.
Google makes 2-Factor Authentication a lot Easier and Faster
When it comes to data breaches of major online services like LinkedIn, MySpace, Twitter and VK.com, it’s two-factor authentication that could save you from being hacked.
Two-factor authentication or 2-step verification is an effective way to secure online accounts, but many users avoid enabling the feature just to save themselves from irritation of receiving and typing a six-digit code that
