Google engineers published a PoC exploit to demonstrate the effectiveness of using the Specter vulnerability in browsers to access information in memory. This PoC exploit is reported to work with a wide range of architectures, operating systems, and hardware generations. It proves in practice that the protective mechanisms that developers have added to their browsers… Continue reading Google experts published PoC exploit for Specter that is targeting browsers
Tag: Exploit
GitHub removed ProxyLogon exploit and has been criticized
The administration of the GitHub service has removed a real working exploit for the ProxyLogon vulnerabilities in Microsoft Exchange, though information security specialists have sharply criticized GitHub. Yesterday we wrote that an independent information security researcher from Vietnam published on GitHub the first real PoC exploit for a serious set of ProxyLogon vulnerabilities recently discovered… Continue reading GitHub removed ProxyLogon exploit and has been criticized
Researcher Published PoC Exploit for ProxyLogon Vulnerabilities in Microsoft Exchange
An independent information security researcher from Vietnam has presented a PoC exploit for ProxyLogon vulnerabilities in Microsoft Exchange, whose viability has already been confirmed by such well-known experts. Last week, Microsoft engineers released unscheduled patches for four vulnerabilities in the Exchange mail server. Four patches united by the name ProxyLogon. In fact, these vulnerabilities can… Continue reading Researcher Published PoC Exploit for ProxyLogon Vulnerabilities in Microsoft Exchange
Full-fledged exploits detected for Specter vulnerability
French cybersecurity specialist Julien Voisin reported that in early February 2021, someone uploaded exploits for the Specter vulnerability to VirusTotal. This is the first time that a “combat” exploit for this problem has become publicly available. As a reminder, the original Specter issue was discovered in 2018 along with the Meltdown bug. These fundamental flaws… Continue reading Full-fledged exploits detected for Specter vulnerability
Cybersecurity expert created an exploit to hack iPhone via Wi-Fi
Google Project Zero expert Ian Beer has demonstrated an exploit to hack iPhone and other iOS devices remotely and without user interaction. The underlying critical vulnerability CVE-2020-3843, discovered by the researcher, made it possible to remotely steal sensitive data from any device in the Wi-Fi hotspot without any user’s interaction. The exploit, which Bier worked… Continue reading Cybersecurity expert created an exploit to hack iPhone via Wi-Fi
Microsoft recommends Exchange administrators to disable SMBv1
Microsoft strongly recommends administrators disable the SMBv1 protocol on Exchange servers to protect against threats that exploit its vulnerabilities. Let me remind you that Microsoft has been implementing a systematic refusal to use the outdated SMBv1 for a long time. So, since 2016, the company has advised administrators to withdraw from SMBv1 support since this… Continue reading Microsoft recommends Exchange administrators to disable SMBv1