There is a use-after-free in Adobe Flash Selection.setFocus. It is a static method, but if it is called with a this object, it will be called on that object’s thread. Then, if it calls into script, for example, by calling toString on the string parameter, the object, and its thread will be deleted, and a use-after-free occurs.
Monthly Archives: August 2016
Adobe Flash Stage.align Use-After-Free
There is a use-after-free in the Adobe Flash Stage.align property setter. When the setter is called, the parameter is converted to a string early, as a part of the new use-after-free prevention changes. This conversion can invoke script, which if the this object is a MovieClip, can delete the object, deleting the thread the call is made from, which can lead to a use-after-free.
Stegano 0.6.1
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
OATH Toolkit 2.6.2
OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
INTELLINET IP Camera INT-L100M20N Change Admin Password
INTELLINET IP Camera INT-L100M20N remote change admin username / password exploit.
Opera Browser Sync Service Hacked; Users' Data and Saved Passwords Compromised
Opera has reset passwords of all users for one of its services after hackers were able to gain access to one of its Cloud servers this week.
Opera Software reported a security breach last night, which affects all users of the sync feature of its web browser.
<!– adsense –>
So, if you’ve been using Opera’s Cloud Sync service, which allows users to synchronize their browser data and settings
Megaupload Domains Seized by FBI 'Hijacked' to Host Porn Ads
Well, we all know that the FBI has previously hosting porn on the Internet. I still remember the case of PlayPen, the world’s largest dark web child pornography site, which was seized by FBI and ran from agency’s own servers to uncover the site’s visitors.
Now, one of the most popular sites owned and operated by the FBI has been serving porn as well.
FBI-owned Megaupload.org and several
Hacker reveals How He Could have Hacked Multiple Facebook Accounts
How to Hack a Facebook Account?
That’s possibly the most frequently asked question on the Internet today. Though the solution is hard to find, a white hat hacker has just proven how easy it is to hack multiple Facebook accounts with some basic computer skills.
Your Facebook account can be hacked, no matter how strong your password is or how much extra security measures you have taken. No
Blue Team Training Toolkit (BT3) 2.0
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto’s Maligno and Pcapteller.
Vuln: WebKit CVE-2016-4657 Unspecified Memory Corruption Vulnerability
WebKit CVE-2016-4657 Unspecified Memory Corruption Vulnerability