Stay connected

Trending News

Category: Exploit

Cleanly Escaping the Chrome Sandbox
Exploit

Cleanly Escaping the Chrome Sandbox 

This post will explain how we discovered and exploited Issue 1062091, a use-after-free (UAF) in the browser process leading to a sandbox escape in Google Chrome as well as Chromium-based Edge. Background Our goal is to make this post accessible to those unfamiliar with Chrome exploitation,…

Aggah: How to run a botnet without renting a Server (for more than a year)
Exploit, News

Aggah: How to run a botnet without renting a Server (for more than a year) 

Experts from Yoroi-Cybaze ZLab have spotted new attack attempts directed to some Italian companies operating in the Retail sector linked to Aggah campaign. Introduction During the last year, we constantly kept track of the Aggah campaigns. We started deepening inside the Roma225 Campaign and went on with the RG Campaign, contributing to the joint effort to…

Exploit, News, Vulnerabilities

Blue Prism Robotic Process Automation (RPA) Privilege Escalation 

Blue Prism Robotic Process Automation (RPA) versions prior to 6.5.0.12573 suffer from a privilege escalation vulnerability. ———————————————————————— SySS Security Advisory: Blue Prism Robotic Process Automation (RPA) – Privilege Escalation ———————————————————————— Advisory ID: SYSS-2019-002 Product: Blue Prism Robotic Process Automation (RPA) Manufacturer: Blue Prism Affected Version(s):…