Hi List,
we are happy to publish a tool written some months ago to discover
netgear switches using python.
Abstract
nsdtool is a toolset of scripts used to detect netgear switches in local
networks. The tool contains some extra features like bruteforce and
setting a new password.
Netgear has
Hi List,
please find an example app and sourcecode here:
https://www.curesec.com/data/binary/CRT-RemoveLocks.apk
https://www.curesec.com/data/binary/CRT-RemoveLocks.tar.bz2
Cheers,
CRT
Am 27.11.2013 20:16, schrieb Curesec Research Team:
Please find a better readable version of the advisory
Please find a better readable version of the advisory here:
https://cureblog.de/2013/11/755/
Cheers,
Curesec Research Team
==
CVE-2013-6271: Security Advisory – Curesec Research Team
1. Introduction
Advisory ID:Cure-2013-1011
Security Advisory - Curesec Research Team
=
1. Introduction
Advisory ID: Cure-2013-1006
Advisory URL: https://www.curesec.com/
Affected Product: Prior 5.1.1.0
Fixed Version: 5.1.1.0
Vendor Contact: supp...@livezilla.net
Vulnerability Type
Security Advisory - Curesec Research Team
=
1. Introduction
Advisory ID: Cure-2013-1008
Advisory URL: https://www.curesec.com/
Affected Product: Prior LiveZilla version 5.1.1.0
Affected Systems: Windows
Vendor Contact: supp
CVE-2013-6225: Security Advisory – Curesec Research Team
1. Introduction
Advisory ID:Cure-2013-1007
Advisory URL: https://www.curesec.com/de/veroeffentlichungen
/advisories.html
Blog URL:
https://cureblog.de/2013/11/remote-code-execution-in-livezilla
Hi List,
please find the vulnerability description within this post.
Cheers,
Curesec Research Team
Reference:
https://cureblog.de/2013/07/phishing-google-wallet-and-paypal-by-abusing-whatsapp/
Phishing Google Wallet and Paypal by abusing WhatsApp
-=Introduction=-
WhatsApp is one
Am 11.07.2013 16:41, schrieb Jann Horn:
FYI, the openssh guys have known this for quite a while and they don't
treat it as an issue worth fixing. They don't want to introduce extra
anti-timing code just to prevent user enumeration from working.
Oh really?
By the way: If you can hog the CPU
massively. In our case we go with 39.000
characters(A’s). Trying those passwords at an existing and a
non-existing account shows a quite high delay.
Find the rest of the post + some example code at the blogpost.
http://cureblog.de/openssh-user-enumeration-time-based-attack/
Cheers,
Curesec Research
Hi List,
please find the second part of the Inkasso Trojaner. In this blogpost
we go on with the analysis of the dropper. This time with related domain
names,ip's and commands it is supporting.
https://cureblog.de/inkasso-trojaner-part-2/
Have fun!
Curesec Research Team
Hi List,
we analyzed a Trojan, propagating via email, sent to us some days ago. Please
find the first part here:
http://cureblog.de/inkassomahngebuhren-trojaner-part-1/
Cheers,
Curesec Research Team
___
Full-Disclosure - We believe in it.
Charter
11 matches
Mail list logo