FireEye Discloses Breach – Theft of Cybersecurity Tools

On December 8, 2020, FireEye – a $3.5 billion enterprise – disclosed theft of their Red Team tools. Red Team tools are essentially built from malware that the company has seen used in a wide range of attacks. FireEye says the hackers now have an influential collection of new techniques to draw upon. The stolen … Continue reading “FireEye Discloses Breach – Theft of Cybersecurity Tools”

vBulletin pre-auth Remote Code Execution Vulnerability

vBulletin is a well-known forum software worldwide. Recently a pre-auth RCE was observed that bypasses CVE-2019-16759, September 2019 vBulletin patch. Security researcher Amir Etemadieh (Zenfox) has discovered this zero day and has published POC in various formats in his blog on 9th Aug,2020. Description The vulnerability exists in the dynamic creation of widgets at ajax/render/widget_tabbedcontainer_tab_panel. … Continue reading “vBulletin pre-auth Remote Code Execution Vulnerability”