Oracle Java 0day and the Myth of a Targeted Attack

27/08/2012Reverse EngineeringChina, Gondad, Gong Da, Java, Nitro, Oraclewow

FireEye (@fireeye) were the first to speak around the Oracle Java 0day in a nice blog post “Zero-Day Season is Not Over Yet“. As they mentioned in the blog post it was just a matter of time that a PoC will be released. The tweet was dated from 9:26 PM – 26 August, 2012. https://twitter.com/FireEye/status/239806161874993152 … Continue reading Oracle Java 0day and the Myth of a Targeted Attack →

WordPress TimThumb RFI Vulnerability used as Botnet Recruitment Vector

20/09/2011VariousBotnet, RFI, WordPresswow

On thirst August 2011, Mark Maunder had reveal, through a defacement experience, that “timthumb.php” script, included in hundreds of WordPress themes, was vulnerable to remote file inclusion (RFI) attack. TimThumb is small php script for cropping, zooming and resizing web images (jpg, png, gif). The default configuration of “timthumb.php” script, in many WordPress themes, allow … Continue reading WordPress TimThumb RFI Vulnerability used as Botnet Recruitment Vector →

Eric Romang Blog

aka wow on ZATAZ.com

Search Results for: afraid

Oracle Java 0day and the Myth of a Targeted Attack

WordPress TimThumb RFI Vulnerability used as Botnet Recruitment Vector