Malcolm - A Powerful, Easily Deployable Network Traffic Analysis Tool Suite For Full Packet Capture Artifacts (PCAP Files) And Zeek Logs
Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be uploaded via a simple browser-based interface or...
Security Bulletin: OpenSSL as used in IBM QRadar Network Packet Capture is vulnerable to information exposure (CVE-2018-5407)
Summary: OpenSSL as used in IBM QRadar Network Packet Capture is susceptible to information exposure. Vulnerability Details: CVEID: CVE-2018-5407. Description: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution...
PT-2019-17685 · Ubiquiti · Unifi Controller
Name of the Vulnerable Software and Affected Versions: UniFi Controller versions prior to 5.10.22 Description: A malicious actor can set up an SMTP proxy server between the UniFi Controller and the actual SMTP server to record SMTP credentials for later malicious use. Recommendations: For version...
CVE-2019-3948
The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000.9.R, Dahua IPC HX5X3X and HX4X3X V2.800.0000008.0.R, Dahua DH-IPC HX883X and DH-IPC-HX863X V2.622.0000000.7.R, Dahua DH-SD4XXXXX V2.623.0000000.7.R, Dahua DH-SD5XXXXX V2.623.0000000.1.R, Dahua DH-SD6XXXXX V2.640.0000000.2.R an...
CVE-2019-3948
CVE-2019-3948 impacts Amcrest IP2M-841B and several Dahua cameras/NVRs that expose HTTP endpoint /videotalk without authentication. An unauthenticated remote attacker can connect to this endpoint and potentially listen to device audio. Public documentation across multiple sources confirms the iss...
GHSA-MPF2-Q34C-FC6J Infinite Loop in scapy
scapy is affected by a Denial of Service vulnerability resulting in an infinite loop and resource consumption, rendering the program unresponsive. The component is: RADIUSAttrPacketListField.getfield(self... The attack vector is over the network or in a pcap. Both work...
PYSEC-2019-120
scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: RADIUSAttrPacketListField.getfield(self... The attack vector is: over the network or in a pcap. Both work...
EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users
Security researchers have discovered a rare piece of Linux spyware that's currently fully undetected across all major antivirus security software products, and includes rarely seen functionalities with regards to most Linux malware, The Hacker News learned. It's a known fact that there are a very...
New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission
Earlier this month, The Hacker News covered a story on research revealing how over 1300 Android apps are collecting sensitive data even when users have explicitly denied the required permissions. The research was primarily focused on how app developers abuse multiple ways around to collect locati...
Unspecified vulnerability in CloudBees Jenkins Docker plugin (CNVD-2019-23799)
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Docker Plugin is one of its plugins, used to...
Fastjson deserialization vulnerability alert - vulnerability alert - the black bar safety net
Recently, 360CERT detected that the widely used JSON serialization framework Fastjson has a deserialization vulnerability that can lead to remote code execution, and there is evidence that an attacker can carefully construct JSON data to achieve remote code execution, which may cause the...
Cross-site request forgery (CSRF)
A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...
CVE-2019-10341
A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored i...
PT-2019-11740 · Jenkins · Jenkins Docker Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Docker Plugin versions 1.1.6 and earlier. Description: A missing permission check in the DockerAPI.DescriptorImpl#doTestConnection function allowed users with Overall/Read access to connect to an attacker-specified URL using...
Master VM Gets Error "The Trust Relationship Between This Workstation and The Primary Domain Failed" When Trying to Log On to It Using a Domain Account
When trying to log on to master VM using a domain account right after capturing a vDisk from it, an admin user gets error "The trust relationship between this workstation and the primary domain failed." Resetting or deleting and recreating machine account from PVS console does not resolve issue...
Bluetooth Authentication Authorization Bypass Vulnerability in Little Ant Microscan Camera M1
The Ant Microscan Camera M1 is a microscan camera with built-in Bluetooth and wireless capabilities that allow photos to be transferred to a cell phone. A Bluetooth authentication authorization bypass vulnerability exists in the Ant Microscan Camera M1. An attacker can use this vulnerability to...
ncu-ad-course-2017-pwn
This repository is an offensive tool for a Capture The Flag CTF challenge. It contains a series of pwn tasks created by the author for the NCU A&D course. The tasks are designed to test the participants' skills in exploiting vulnerabilities and bypassing security measures. The repository includes...
Ann Day honeynet captures "use of the ElasticSearch Groovy vulnerability for Monero (Dog) mining" - event analysis - vulnerability warning - the black bar safety net
1. Overview: 2019 6 May 13, the Ann Day honeynet captured attacks using the CVE-2015-1427 ElasticSearch Groovy remote command execution vulnerability. The principle of the vulnerability is that Elasticsearch uses Groovy as a scripting language, with a sandbox mechanism based on blacklists and whitelists to...
Buffer Overflow Vulnerability in Virtual VCR Software
Virtual VCR is a DirectShow video capture application that allows you to capture audio and video to your hard drive in AVI file format. A buffer overflow vulnerability exists in the Virtual VCR software that can be exploited by an attacker to cause a denial of service to the server...
Authentication flaw
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources that are not otherwise accessible without proper authentication via capture-replay. Physically proximate attackers can use this informatio...