Proper File Integrity Monitoring Critical in Light of Big Breaches & Regulatory Pressure
In light of the recent mega data breaches that have plagued our market over the last year, and the continued escalation of attempted cyberattacks against critical systems during peak periods, i.e. the retail sector POS and payment systems, reported in the Carbon Black Threat Analysis Unit (TAU)...
[SECURITY] Fedora 27 Update: zchunk-0.9.14-1.fc27
zchunk is a compressed file format that splits the file into independent chunks. This allows you to only download the differences when downloading a new version of the file, and also makes zchunk files efficient over rsync. zchunk files are protected with strong checksums to verify that the file...
Memory Corruption Vulnerability in Kewei's All-in-One Text Screen Configuration Software IOCS
Huangshi Kewei Automatic Control Co., Ltd. is an enterprise that develops, produces and sells embedded PLC, intelligent servo, human-machine interface and other series of industrial control products. A memory corruption vulnerability exists in IOCS, the Kewei Text All-in-One Screen Configuration...
Open Source Host & Endpoint Security: Wazuh
Wazuh is an open source project for security detection, visibility, and compliance. It was born as a fork of OSSEC HIDS and was later integrated with Elastic Stack and OpenSCAP, evolving into a more comprehensive solution. Wazuh helps you to gain deeper security visibility into your infrastructure by...
CVE-2018-15809
AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files within the installation path. This may allow local attackers to compromise the integrity of critical resource and executable files...
CVE-2018-15809
The CVE-2018-15809 entry concerns AccuPOS 2017.8 installed with insecure Authenticated Users: Modify permissions on files in the installation path. The root cause is improper file permissions allowing a local attacker to compromise integrity of critical resources and executables. Documentation in...
CVE-2018-10916
CVE-2018-10916 affects the FTP client lftp up to version 4.8.3, where remote file name sanitization can trigger removal of all files in the current working directory during reverse mirroring against a malicious FTP server. The issue is a local integrity risk stemming from improper handling of rem...
CVE-2018-10916
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user into using reverse mirroring on an attacker-controlled FTP server,...
Description of the security update for Office Web Apps Server 2013: June 12, 2018
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
GDPR Is Here: Put File Integrity Monitoring in Your Toolbox
In this latest post of our series on the EU’s General Data Protection Regulation, we’ll explain how file integrity monitoring (FIM) can be crucial in helping organizations comply with this severe regulation. GDPR, which went into effect in May and applies to organizations worldwide that handle EU...
Put FIM in Your GDPR Toolbox
File integrity monitoring, like other foundational security practices such as vulnerability management, helps organizations comply with the EU’s General Data Protection Regulation (GDPR). FIM specifically provides security controls in three key areas for GDPR: Ensuring integrity of data stored in...
KeePass Simple Dictionary Password Enumerator Exploit
This is a simple Perl script to perform dictionary attacks against the KeePass password manager. #!/usr/bin/perl KeePass simple dictionary password enumerator Copyright 2018 (c) Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg KeePass is a free open source password...
Qualys Cloud Platform 2.32 New Features
This release of the Qualys Cloud Platform version 2.32 includes updates and new features for AssetView, EC2 Connector, File Integrity Monitoring, Indication of Compromise, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. Post update...
If You Think File Integrity Monitoring is Boring, Think Again
You’ll be hard pressed to find file integrity monitoring on any list of cool, emerging, cutting-edge cybersecurity technologies. But if you choose to ignore this mature, foundational technology, it’ll be at great risk. File integrity monitoring, or FIM, plays a key role in critical security and...
Wazuh - Open Source Host and Endpoint Security
Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log management and analysis: Wazuh agents read operating...
Implementing the CIS 20 Critical Security Controls: Building Upon Foundational Cyber Hygiene
Most successful cyber attacks exploit known vulnerabilities for which patches are available, or take advantage of weak configuration settings that could have been easily hardened. You can significantly lower the risk of being victimized by this type of common, preventable attack by adopting the...
VirtualBox 5.1.22 - Windows Process DLL Signature Bypass Privilege Escalation
VirtualBox 5.1.22 - Windows Process DLL Signature Bypass Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1257 VirtualBox: Windows Process DLL Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevation of Privilege...
Qualys Cloud Suite 8.10.1 New Features
This new patch release of the Qualys Cloud Suite, version 8.10.1, includes updates to password management, user roles & permissions, and User Defined Control improvements in Qualys Policy Compliance (PC). Feature Highlights Qualys Cloud Platform Platform Password Improvements - In this release, we...
What About the Plant Floor? Six Subversive Concerns for ICS Environments
Industrial enterprises such as electric utilities, petroleum companies, and manufacturing organizations invest heavily in industrial control systems (ICS) to efficiently, reliably, and safely operate industrial processes. Without this technology operating the plant floor, these businesses cannot...
CVE-2017-6466
F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be executed under the...