
364 matches found

ATTACKERKB
added 2020/10/01 11:0 p.m. | 2 views

CVE-2020-24404

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect permissions vulnerability within the Integrations component. This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without authorization...

CVSS 5.5 | AI score 4.7 | EPSS 0.00273
Exploits: 0 | References: 2
The Coalfire Blog
added 2020/09/30 12:51 a.m. | 12 views

Help Net Security – ThreadFix 3.0 Review

Help Net Security recently published a review of ThreadFix 3.0. Security Researcher Toni Grzinic took a deep dive into our vulnerability management platform and broke down everything from infrastructure, reporting and analytics, to integrations, and beyond. Click here to read Toni's full review ...

AI score 1
Exploits: 0
Carbon Black Blog
added 2020/09/08 4:34 p.m. | 22 views

VMware Carbon Black First to Block Hidden Malicious Commands in Obfuscated Scripts

For a long time now, our Threat Analysts have flagged the growing threat of script-based attacks, especially from Microsoft PowerShell and Windows Management Interface script commands, and their ability to escape notice in many antivirus solutions. Increasingly, these types of attacks have become...

AI score 0.6
Exploits: 0
Veeam
added 2020/07/23 9:46 p.m. | 13 views

Release Notes for Veeam Backup & Replication 10a

More Recent Version Available: Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version. Challenge: Release Notes for Veeam Backup & Replication 10a. Cause: Please confirm that you are running version 9.5 Update 3 build 9.5.0.1536 or later prior to upgrading...

AI score 6.8
Exploits: 0
Trend Micro Simply Security
added 2020/07/07 7:11 p.m. | 42 views

Automatic Visibility And Immediate Security with Trend Micro + AWS Control Tower

Things fail. It happens. A core principle of building well in the AWS Cloud is reliability. Dr. Vogels said it best, “How can you reduce the impact of failure on your customers?” He uses the term “blast radius” to describe this principle. One of the key methods for reducing blast radius is the AW...

AI score 0.4
Exploits: 0
Atlassian
added 2020/07/01 6:16 p.m. | 33 views

Information disclosure in API and Integrations - CVE-2020-14180

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. Affected versions:...

CVSS 4.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0
Atlassian
added 2020/07/01 6:16 p.m. | 38 views

Information disclosure in API and Integrations - CVE-2020-14180

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. Affected versions:...

CVSS 4.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0 | Affected Software: 1
Atlassian
added 2020/06/18 2:45 a.m. | 39 views

XSS in API and Integrations - CVE-2020-14166

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in API and Integrations. Affected versions: version 4.10.0 Fixed versions: 4.10.0...

CVSS 4.8 | AI score 5.6 | EPSS 0.0076
Exploits: 3 | Affected Software: 1
Microsoft Secure
added 2020/02/24 5:0 p.m. | 36 views

MISA expands with new members and new product additions

Another RSA Conference (RSAC) and another big year for the Microsoft Intelligent Security Association (MISA). MISA was launched at RSAC 2018 with 26 members and a year later we had doubled in size to 53 members. Today, I am excited to share that the association has again doubled in size to 102 member...

AI score 0.7
Exploits: 0
Wallarm Lab
added 2020/02/06 1:5 p.m. | 27 views

Native integrations in Wallarm WAF

How to configure sending reports to email? How to get a notification to the messenger about an event requiring a response? How to connect Wallarm and other solutions that use DevOps and the security team? Integrations will help to solve all these issues in Wallarm WAF. And today we'll talk about th...

AI score 2.5
Exploits: 0
0day.today
added 2020/02/05 12:0 a.m. | 195 views

Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure Exploit

Exploit for jsp platform in category web applications. Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC. Discovery Date: 2019-01-31. Exploit Author: Nolan B. Kennedy (nxkennedy). Vendor Homepage: https://www.verodin.com/ Software Link :...

CVSS 4 | AI score 7.7 | EPSS 0.06568
Exploits: 5
Prion
added 2020/01/20 6:15 a.m. | 13 views

Privilege escalation

An issue was discovered in Gallagher Command Centre 7.x before 7.90.991MR5, 8.00 before 8.00.1161MR5, and 8.10 before 8.10.1134MR4. External system configuration data used for third party integrations such as DVR systems were logged in the Command Centre event trail. Any authenticated operator wi...

CVSS 2.1 | AI score 5.6 | EPSS 0.00129
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2020/01/20 5:32 a.m. | 9 views

CVE-2020-7215

An issue was discovered in Gallagher Command Centre 7.x before 7.90.991MR5, 8.00 before 8.00.1161MR5, and 8.10 before 8.10.1134MR4. External system configuration data used for third party integrations such as DVR systems were logged in the Command Centre event trail. Any authenticated operator wi...

AI score 5.6 | EPSS 0.00129
Exploits: 0 | References: 1
CVE
added 2020/01/20 5:32 a.m. | 96 views

CVE-2020-7215

Gallagher Command Centre (versions 7.x prior to 7.90.991 MR5; 8.00 prior to 8.00.1161 MR5; 8.10 prior to 8.10.1134 MR4) contains an information disclosure vulnerability where external system configuration data used for third‑party integrations (e.g., DVR systems) is logged in the Event Trail. Any...

CVSS 5.5 | AI score 5.6 | EPSS 0.00129
Exploits: 0 | References: 1 | Affected Software: 1
Kitploit
added 2019/12/27 11:30 a.m. | 81 views

RansomCoin - A DFIR Tool To Extract Cryptocoin Addresses And Other Indicators Of Compromise From Binaries

Extracting metadata and hardcoded Indicators of Compromise from ransomware, in a scalable, efficient way, with cuckoo integrations. Ideally, it is run during cuckoo dynamic analysis, but can also be used for static analysis on large collections of ransomware. Designed to be fast, with low false...

AI score 7.5
Exploits: 0 | References: 1
Microsoft Secure
added 2019/11/05 2:0 p.m. | 46 views

Microsoft Intelligent Security Association grows to more than 80 members

Sometimes an idea sparks, and it feels so natural, so organic, that it takes on a life of its own and surprises you by how fast it grows. The Microsoft Intelligent Security Association (MISA) was one of these ideas. It was born out of a desire to be easy to do business with and be a better partner ...

AI score 6.9
Exploits: 0
Kitploit
added 2019/10/30 9:0 p.m. | 135 views

ThreatIngestor - Extract And Aggregate Threat Intelligence

An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing workflow with SQS, Beanstalk, and custom plugins. Overview: ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources,...

AI score 6.9
Exploits: 0 | References: 5
OSV
added 2019/10/21 12:15 a.m. | 9 views

CVE-2019-10716

An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request...

CVSS 7.7 | AI score 5.8 | EPSS 0.06568
Exploits: 5 | References: 4
CNVD
added 2019/10/21 12:0 a.m. | 2 views

Palo Alto Networks Zingbox Inspector Has Unspecified Vulnerability

The Palo Alto Networks Zingbox Inspector is a locally deployed appliance in a Zingbox IoT Command Center IoT control center solution from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks Zingbox Inspector version 1.294 and earlier. An attacker could exploit the...

CVSS 7.5 | AI score 6.8 | EPSS 0.00148
Exploits: 0 | References: 1
OSV
added 2019/10/09 9:15 p.m. | 3 views

CVE-2019-15023

A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that results in passwords for 3rd party integrations being stored in cleartext in device configuration...

CVSS 7.5 | AI score 7.1 | EPSS 0.00148
Exploits: 0 | References: 1