bypasses
-
Blog
Nuclei flaw bypasses template signature checks to execute commands
A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. Nuclei is a popular open-source vulnerability scanner created by ProjectDiscovery that scans websites for vulnerabilities and other weaknesses. The project utilizes a template-based scanning system of over 10,000 YAML templates that scan websites…
Read More » -
Blog
New tool bypasses Google Chrome’s new cookie encryption system
A researcher has released a tool to bypass Google’s new App-Bound encryption cookie-theft defenses and extract saved credentials from the Chrome web browser. The tool, named ‘Chrome-App-Bound-Encryption-Decryption,’ was released by cybersecurity researcher Alexander Hagenah after he noticed that others were already figuring out similar bypasses. Although the tool achieves what multiple infostealer operations have already added to their malware, its public…
Read More »