Tripwire IP360 VnE Remote Administrative API Authentication Bypass
The IP350 VnE is susceptible to a remote XML-RPC authentication
bypass vulnerability, which allows for specially crafted privileged
commands to be remotely executed without authentication. The RPC
service is available on the public HTTPS interface of the VnE by
default, and cannot be disabled.
https://cxsecurity.com/issue/WLB-2015100053
The following are the presentation slides shown by speakers at the VB2015 conference in Prague. We are still waiting for some of the slides to be supplied to us - these will be added when they are submitted to us.
https://www.virusbtn.com/conference/vb2015/slides/index
HTTP Evasions Explained - Part 4 - Doubly Compressed Content
This is the fourth part in a series which will explain the evasions done by HTTP Evader. This article is about the products which successfully support deflate compression (where several products already fail) but fail if the content is ..
http://noxxi.de/research/http-evader-explained-4-double-encoding.html
US-Provider Verizon weitet Nutzung seines Supercookies aus
Mit dem Kauf von AOL will Verizon seine Kunden nun auch über dessen Werbenetzwerk weiterverfolgen. AOL erreicht mit seiner Werbung fast 600 Millionen Menschen weltweit.
http://heise.de/-2840065