Books & Papers Security Vulnerabilities

A clearer lens on Zero Trust security strategy: Part 1

Today's world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and what it means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the...

A clearer lens on Zero Trust security strategy: Part 1

Today's world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and what it means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the...

Reduce Risk from Insider Threats Using Imperva Data Security Fabric

The definition of insider threats is as broad as the risks it represents. While insider threats may originate from negligent or malicious employees, they can also be external cybercriminals who bypassed perimeter controls using a compromised user account. No matter the source, or motivation,...

Conti Leaks: Examining the Panama Papers of Ransomware | Trellix

Conti Leaks: Examining the Panama Papers of Ransomware By John Fokker, Jambul Tologonov · March 31, 2022 Introduction It isn’t often the whole world gets an inside look of the business operations of a top tier cybercriminal group. Very early on in the Russian-Ukrainian Crisis the predominantly...

Conti Leaks: Examining the Panama Papers of Ransomware | Trellix

Conti Leaks: Examining the Panama Papers of Ransomware By John Fokker, Jambul Tologonov · March 31, 2022 Introduction It isn’t often the whole world gets an inside look of the business operations of a top tier cybercriminal group. Very early on in the Russian-Ukrainian Crisis the predominantly...

Lapsus$ ‘Back from Vacation’

The Lapsus$ data extortionists are back from a week-long “vacation,” they announced on Telegram, posting ~70GB worth of data purportedly stolen from software development giant Globant. “We are officially back from a vacation,” the gang wrote on their Telegram channel, posting images of exfiltrated....

WordPress Books & Papers plugin <= 0.20210223 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting (XSS) vulnerability discovered by fuzzyap1 in WordPress Books & Papers plugin (versions &lt;= 0.20210223). Solution Deactivate and delete. This plugin has been closed as of February 15, 2022 and is not available for download. This closure is temporary, pending a full...

Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed PoC Put the following payload in the Custom DB Prefix settings of the plugin: Books_n_Papers"...

Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...

CVE-2020-16232

In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project...

CVE-2020-16232

In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project...

Buffer overflow

In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project...

CVE-2020-16232 Yokogawa WideField3 Buffer Copy Without Checking Size of Input

In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project...

How to use the Gartner® 2022 Strategic Roadmap for Data Security Platform Convergence

“It is not the strongest species that survive, nor the most intelligent, but the ones most responsive to change.” – Charles Darwin Evolution and innovation form the basis of most modern business mission statements. However, the same organizations pursuing growth and change often do not put...

[Security Nation] Bob Lord on Securing the DNC

In this episode of Security Nation, Jen and Tod chat with Bob Lord, recently the Chief Security Officer for the Democratic National Committee, about the unique challenges of overseeing cybersecurity at a high-profile political entity. Bob talks about becoming the Marie Condo of cybersecurity, the.....

By the Numbers: The Cost of Insider Data Breach vs The Cost of Protection

The global business data security landscape has become dramatically more challenging over the last few years. One of the main reasons for this is insider threats, as reported in the 2022 Cost of Insider Threats Global Report, independently conducted by The Ponemon Institute. Several factors have...

Blunting RDP brute-force attacks with rate limiting

Thanks to the Malwarebytes Threat Intelligence Team for the information they provided for this article. Not long ago, guessing a Windows Remote Desktop Protocol (RDP) password successfully was widely regarded as ransomware operators' number one choice for breaching a target. It attracted a lot of.....

[Security Nation] Matthew Kienow on Open-Source Security and the Recog Framework

In this episode of Security Nation, Jen and Tod chat with Matthew Kienow, Senior Software Engineer at Rapid7, about open-source security – a subject he knows a thing or two about from his work on Metasploit, AttackerKB, and most recently the Recog recognition framework. They discuss the selling...

Conti Ransomware Decryptor, TrickBot Source Code Leaked

The pro-Ukraine member of the Conti ransomware gang who promised to eviscerate the extortionists after they pledged support for the Russian government has spilled yet more Conti guts: The latest dump includes source code for Conti ransomware, TrickBot malware, a decryptor and the gang’s...

Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict

UPDATE: As of March 2, 2022, Conti began taking down exposed infrastructure as a result of the chat disclosure. At that time, we assessed that due to their sophisticated capability, deep funding, and quick recovery from exposed infrastructure in November 2021, they remained an active and...

Ukraine-Russia Cyber Warzone Splits Cyber Underground

The Russia-Ukraine cyber warzone has split the Conti ransomware gang into warring factions, leading to a Ukrainian member spilling 60,000 of the group’s internal chat messages online. On Monday, vx-underground – an internet collection of malware source code, samples and papers that’s generally...

How Insider Threats Drive Better Data Protection Strategies

Fifty-eight percent of sensitive data security incidents are caused by insider threats, according to a recent study by Forrester Research. Insider threats originate from inappropriate use of legitimate authorized user accounts. These accounts - assigned to internal employees and business...

Imperva Adds Active Attack Detection to its Data Security Platform

Protecting the data perimeter Organizations are in constant pursuit of technology that provides rapid insight into threats. Early visibility, in combination with context-rich alerting and efficient incident response workflows, streamline threat containment and remediation efforts. Identifying...

US Government sets forth Zero Trust architecture strategy and requirements

To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of EO 14028....

US Government sets forth Zero Trust architecture strategy and requirements

To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of EO 14028....

[Security Nation] Amit Serper on Finding Leaks in Autodiscover

In this episode of Security Nation, Jen and Tod chat with Amit Serper, Director of Security Research at Akamai, on his work uncovering a flaw in the Autodiscover protocol within Microsoft Exchange that can leak domain credentials outside an organization. Amit details some of the techniques he and.....

EU Data Protection Watchdog Calls for Ban on Pegasus-like Commercial Spyware

The European Union's data protection authority on Tuesday called for a ban on the development and the use of Pegasus-like commercial spyware in the region, stating that the technology's "unprecedented level of intrusiveness" could endanger users' right to privacy. "Pegasus constitutes a paradigm...

Why Insisting on Complicated Passwords can be a Dangerous Security Practice

According to the Forester Insider Threat report, commissioned by Imperva in 2021, 50% of the companies surveyed plan to increase security awareness among their employees over the next 12 months. Many are already doing so and have solid practices in place. According to the 2022 Ponemon Report on...

Five Takeaways from FlexBooker’s Data Breach

A few weeks ago, an appointment scheduling solution, FlexBooker notified its customers that it had been breached. Imperva has no specific insider knowledge into how the breach unfolded, but we can learn a lot from FlexBooker’s data breach notification as well as additional related sources. In this....

Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows Stack-Based Buffer Overflow (CVE-2018-0651)

Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers to stop the license.....

Unified Office Total Connect Now Cookie Parameter SQL Injection

Advisory Information Title: Unified Office Total Connect Now℠ Cookie Parameter SQL Injection Advisory ID: CORE-2022-0001 Advisory URL: ** https://www.coresecurity.com/core-labs/advisories/unified-office-total-connect-sql-injection Date published: 2022-02-01 Date of last update: 2022-02-01 ...

Five Data Privacy Tips for Consumers

As a consumer, you must assume that your personal information is not 100% safe online. Hackers cause data breaches every single day, exposing our email addresses, passwords, credit card numbers, social security numbers and other sensitive personal data in the process. Most people don’t think about....

CVE-2021-46086

xzs-mysql &gt;= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitting examination papers. An attacker can use burpuite to modify parameters in the packet to...

CVE-2021-46086

xzs-mysql &gt;= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitting examination papers. An attacker can use burpuite to modify parameters in the packet to...

Code injection

xzs-mysql &gt;= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitting examination papers. An attacker can use burpuite to modify parameters in the packet to...

CVE-2021-46086

xzs-mysql &gt;= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitting examination papers. An attacker can use burpuite to modify parameters in the packet to...

T-Reqs-HTTP-Fuzzer - A Grammar-Based HTTP Fuzzer

T-Reqs (Two Requests) is a grammar-based HTTP Fuzzer written as a part of the paper titled "T-Reqs: HTTP Request Smuggling with Differential Fuzzing" which was presented at ACM CCS 2021. BibTeX of the paper: @inproceedings{ccs2021treqs, title={T-Reqs: HTTP Request Smuggling with Differential...

Is the Internet of Things the Next Ransomware Target?

Ransomware attacks over the last couple years have been traumatic, impacting nearly every business sector and costing billions of dollars. The targets have mostly been our data: steal it, encrypt it, and then charge us a fee to get it back. Over the last several years, there's been concern across.....

Being Naughty to See Who Was Nice: Machine Learning Attacks on Santa’s List

Editor’s note: We had planned to publish our Hacky Holidays blog series throughout December 2021 – but then Log4Shell happened, and we dropped everything to focus on this major vulnerability that impacted the entire cybersecurity community worldwide. Now that it’s 2022, we’re feeling in need of...

Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

Overview Various Silicon Labs Z-Wave chipsets do not support encryption, can be downgraded to not use weaker encryption, and are vulnerable to denial of service. Some of these vulnerabilities are inherent in Z-Wave protocol specifications. Description Z-Wave devices based on Silicon Labs chipsets.....

2021 in Review, Part 4: 5 Cybersecurity Topics to Watch in 2022

One of the core principles of cybersecurity is not letting things “slip through the cracks”. An effective security posture depends on visibility. The more visibility you have into the environments where your data is, the more successful you will be in applying your organization’s security...

Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations

Cybersecurity researchers have proposed a novel approach that harnesses electromagnetic field emanations from the Internet of Things (IoT) devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation...

Relay races, batons, and techniques: How to improve your cloud security posture

In 2008, the US 4x100m relay team was the favorite to win the gold medal at the Beijing Olympics. Not a massive surprise, considering that team included the second fastest athlete in history, Tyson Gay. It was a great shock though when the team blundered on the last exchange, dropping the baton,...

New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G

Researchers have disclosed security vulnerabilities in handover, a fundamental mechanism that undergirds modern cellular networks, which could be exploited by adversaries to launch denial-of-service (DoS) and man-in-the-middle (MitM) attacks using low-cost equipment. The "vulnerabilities in the...

Ransom DDoS Enters its Fourth Wave

Extortionists target industries with most to lose from an outage Cybercriminals continue to target organizations threatening Denial of Service (DDoS) attacks in exchange for a ransom payment, traditionally demanded in bitcoin (BTC). And it seems that no matter how many times these ransom threat...

Build successful data security evaluation criteria with help from your peers

When you evaluate data security products it is imperative to have the end goal in sight. If you look forward 365 days from now, what is the best way to predict how your team will use the product so that you can communicate the value that it will provide? One approach is to examine operational...

Grinchbots strike again this holiday shopping season as bot traffic spikes 73%

The days are getting chilly, holiday drinks are back on the menu at your favorite café and family gatherings are planned. In an almost pavlovian response, Grinchbots have also returned in record levels to ruin your online holiday shopping experience. In the State of Security Within eCommerce in...

What is a Supply Chain Attack ❓

Presentation The Kaseya cyberattack disturbed more than 1,000 organizations over the Fourth of July weekend and may end up being perhaps the greatest hack ever. It’s additionally a typical case of an “Supply Chain” hack: a sort of cyberattack where hoodlums target programming merchants or IT...

Modernizing your code with C++20

​C++20 is here! In fact, as we head towards 2022, it’s been here a while. It may surprise some, but we’re only a few months from a freeze on new proposals for C++23! But let’s not get ahead of ourselves. C++20 is a big release - at least the biggest since C++11 - some have said it's the biggest...

SideCopy APT: Connecting lures to victims, payloads to infrastructure

This blog post was authored by Hossein Jazi and the Threat Intelligence Team. Last week, Facebook announced that back in August it had taken action against a Pakistani APT group known as SideCopy. Facebook describes how the threat actors used romantic lures to compromise targets in Afghanistan. In....