“Wanna Cry” and the art of not keeping the systems updated
The Magic Button There is a magic button that is going to save us all. Mathematical modeling, sandboxing, behavioral analysis,…
Anti-virus or Anti-malware is not dead; it is one of the defense mechanisms in a defense-in-depth strategy. Here is the…
It took us close to nine months to translate our idea into reality. We had debated the idea (for ANCOR,…
There is no “magic box” security. I can’t buy a device in the market that can be plugged in somewhere…
All human beings have a part of the good and the bad. At times, bad takes over the good and…
1. Naïve Belief: Who is interested in my system? Nobody is going to attack me. I haven’t done anything bad…
Is it too much to expect an appropriate answer from Computer Science Engineering graduates for these questions: What does…
Folks, SecPod Research Team member (Karthik N.) has found a DLL Insecure Loading vulnerability in PowerZip application, which can be…
Fellas,
SecPod Research Team member “Veerendra GG” has written a valid working POC to crash the CUPS service. The POC, written based on the information provided in RedHat Bugzilla (CVE-2010-2941), sends malformed IPP (Internet Printing Protocol) packets over TCP. For more information on this vulnerability, you can refer here. You can manage these vulnerabilities with the help of a good Vulnerability Management Tool. Inline comments inside the Python script can help you figure out how the bug was reproduced to crash the service. The Vulnerability Management System can resolve these issues and keep your infrastructure safe. For brevity, the POC is posted below as well.
Folks, SecPod Research Team has found one LFI (Local File Inclusion) and XSS flaw in Openengine CMS, which can be…