Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite Oct 25, 2024Ravie LakshmananVulnerability / Wi-Fi Security A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC) said the vulnerability, tracked as CVE-2024-41992, said the Read more…
Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Dynamic DNS Service Providers for APT Command and Control (C&C) Dear blog readers, The following is a compilation of dynamic DNS providers in specific ones used by APTs and various other targeted campaign obtained using public sources. Sample dynamic DNS Read more…
Shell Command Obfuscation To Avoid Detection Systems Shell command obfuscation to avoid SIEM/detection system During pentest, an important aspect is to be stealth. For this reason you should clear your tracks after your passage. Nevertheless, many infrastructures log command and send them to a SIEM in a real time making Read more…
Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution Sep 27, 2024Ravie LakshmananLinux / Vulnerability A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. “A remote unauthenticated attacker Read more…
Oracle WebLogic Server OS Command Injection Flaw Under Active Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns Read more…
Microsoft Introduces Linux-Like ‘sudo’ Command to Windows 11 Feb 12, 2024NewsroomOperating System / Technology Microsoft said it’s introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. “Sudo for Windows is a new way for users to run elevated commands Read more…