A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /module/word_model/view/index.php. The manipulation of the argument query_str leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Security Links is a curated list of websites for cybersecurity. Find cutting edge information and trends.

LATEST NEWS
thumb
2024-11-04 18:55:12Trends in China’s US election interference illustrate its longer game

Chinese malign information operations focusing on down-ballot Senate and House races rather than favoring a particular presidential candidate The post Trends in China’s US election interference illustrate its longer game appeared first on DFRLab.

by DFRLab

PICKUP

GitHub Security Lab researchers find vulnerabilities in key, widely-used open source projects. We then coordinate the disclosure of those vulnerabilities to security teams at those projects. We only publish vulnerabilities here after they’ve been announced by the affected projects' development teams and patches are available. See our disclosure policy below for more information.

A portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware, and more. It's fully open-source and customizable, so you can extend it in whatever way you like.

The award winning online magazine dedicated to the strategy, insight and technology of information security.

The cybersecurity upskilling platform. Hack The Box gives individuals, businesses and universities the tools they need to continuously improve their cybersecurity capabilities — all in one place.

Website with the collection of all the cheat sheets of the project.

Ransomware.live monitors the extortion sites used by ransomware groups. The information posted on this website is dynamically updated in near real-time.

NEW

PoC auto collect from GitHub. Be careful Malware.

RECENTLY ADDED
NEW

Infosec's favorite weekly newsletter for news, tools, and tips with 18,000+ CISOs, founders, change-makers, and straight up hackers.

NEW
NEW

AttackIQ Academy combats cyberthreats with free courses by top experts. Enjoy hands-on learning in MITRE ATT&CK®, purple teaming, and breach & attack simulation, earning badges and certifications. Enhance your cybersecurity skills at no cost as part of the Informed Defender Community. Join us and become a cybersecurity hero today!

NEW

PolySwarm is a crowdsourced threat detection marketplace where security experts & AV companies compete to protect you.

NEW
NEW

A site for sharing packet capture (pcap) files and malware samples. I started this blog in 2013 to share pcaps and malware samples. Due to issues with Google, I've had to take most all blog posts downfrom 2013 through 2018, and I've been slowly restoring these pages using a new pattern for the password-portected zip archives.

NEW

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Threat Research team.

NEW

In the contemporary cybersecurity landscape, Security Operations Centers find themselves besieged by an overwhelming number of cyber threats, escalating in both frequency and complexity, leaving traditional...

NEW

Your go-to source for expert red team tips and tricks. Elevate your cybersecurity game with our insightful content.

NEW

The site for people they like to build Network Servers with CentOS, Ubuntu, Fedora, Debian, Windows Server.

NEW

AMSI.fail generates obfuscated PowerShell snippets that break or disable AMSI for the current process. The snippets are randomly selected from a small pool of techniques/variations before being obfuscated. Every snippet is obfuscated at runtime/request so that no generated output share the same signatures.

NEW

Living Off The Land Payload Generator.

NEW

The Netwrix blog is a free source of best practices, trends and expert advice for cybersecurity and IT pros.