RegLoadAppKey is documented to load keys in a location which can’t be enumerated and also non-guessable. However it’s possible to enumerate loaded hives and find ones which can be written to which might lead to elevation of privilege.

Security

AnyDesk 2.5.0 Privilege Escalation

September 23, 2016 007admin Leave a comment

AnyDesk version 2.5.0 unquoted service path suffers from a privilege escalation vulnerability.

ESET

Mr. Robot security recap: 10 lessons learned from Season 02

September 23, 2016 007admin Leave a comment

Cybersecurity and hacking play a leading role in the series, so with Mr. Robot season 02 almost over, we want to do a reality check on the scenarios we saw.

The post Mr. Robot security recap: 10 lessons learned from Season 02 appeared first on WeLiveSecurity.

Security

Microix Timesheet Module SQL Injection

September 23, 2016 007admin Leave a comment

Microix Timesheet module suffers from a remote SQL injection vulnerability.

Security

Matrimonial Website Script 1.0.2 SQL Injection

September 23, 2016 007admin Leave a comment

Matrimonial Website Script version 1.0.2 suffers from a remote SQL injection vulnerability.

007 Software

Monthly Archives: September 2016

TeemIp 2.0.2 Cross Site Scripting

Nation State Attack On Yahoo! Claims Over 500 Million Accounts

Krebs Booted Off Akamai After DDoS Becomes Too Pricey

OpenSSL Swats A Dozen Bugs, One Notable Nasty

NSA Hushed Up Zero-Day Spyware Tool Losses For Three Years

Microsoft Windows RegLoadAppKey Privilege Elevation

AnyDesk 2.5.0 Privilege Escalation

Mr. Robot security recap: 10 lessons learned from Season 02

Microix Timesheet Module SQL Injection

Matrimonial Website Script 1.0.2 SQL Injection

Software and Security Information