Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Vulnerability in NSA's Reverse Engineering Tool Allows Remote Code Execution

A vulnerability in Ghidra, the generic disassembler and decompiler released by the National Security Agency (NSA) in early March, could be exploited to execute code remotely, researchers say.

The flaw, an XML external entity (XXE) issue, was discovered in the Ghidra project loading process immediately after the tool was released.

Impacting the project open/restore, the vulnerability can be exploited by anyone able to trick a user into opening or restoring a specially crafted project, a GitHub report reveals.

To reproduce the issue, one would need to create a project, close it, then put an XXE payload in any of the XML files in the project directory. As soon as the project is opened, the payload is executed.

Discovered by a researcher who uses the online handle of sghctoma, the vulnerability can be triggered on archived projects (.gar files) as well.

On Monday, Tencent Security researchers published information on how the XXE flaw can be exploited to remotely execute code on...(continued)

View All Trending Stories