Bluetooth Smart MITM Framework: BtleJuice

Bluetooth Smart MITM Framework BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices also known as Bluetooth Low Energy. It is composed of: an interception core an interception proxy a dedicated web interface Python and Node.js bindings How to install...

New Relic: Login CSRF vulnerability

Hi New Relic security team, While doing pentesting on your website, I found that while logging into the account the "authenticitytoken" was not properly validated. I was able to login into my account even without "authenticitytoken". Impact: High Steps to Reproduce: 1 Login to your account. 2 Whi...

Tenable SecurityCenter < 5.4.0 Multiple Vulnerabilities (TNS-2016-12)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.4.0. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the bundled version of libcurl due to using an insecure pat...

SuperFish Vulnerability

Lenovo Security Advisory: LEN-2015-010 Potential Impact: Man-in-the-Middle Attack Severity: High Summary: This advisory only applies to Lenovo Notebook products. ThinkPad, ThinkCentre, Lenovo Desktop, ThinkStation, ThinkServer and System x products are not impacted. SuperFish was previously...

Misys FusionCapital Opics Plus Information Disclosure Vulnerability

Misys FusionCapital Opics Plus is an end-to-end scalable money business solution for the financial industry from Misys UK. The solution provides IAS-compliant accounting structures, foreign exchange tools and client-facing e-banking capabilities. A security vulnerability exists in Misys...

Google Updates CA Trust Mechanisms in Android Nougat

Google last week announced changes in the way it will handle trusted Certificate Authorities in Nougat, the latest version of the Android operating system. The changes are expected to cut into the likelihood of a successful man-in-the-middle attack, or a device falling victim to an...

Hackers Can Steal Your ATM PIN from Your Smartwatch Or Fitness Tracker

As your day-to-day apparel and accessories are turning into networked mobile electronic devices that attach to your body like smartwatch or fitness band, the threat to our personal data these devices collect has risen exponentially. A recent study from Binghamton University also suggests your...

The vulnerability of the Zyxel ZLD operating system allows a remote attacker to intercept network traffic.

The Zyxel ZyWALL USG 300 network interface card/mesh router does not perform ARP packet authentication for packets transmitted over the IPv4 protocol. This allows for intercepting traffic processed by this router through ARP spoofing attacks...

The vulnerability of the microprogrammed software of the D–Link DSR–250 router allows a malicious individual to intercept network traffic.

The microprogrammed software of the D-Link DSR-250 router does not perform ARP packet authentication for packets transmitted over the IPv4 protocol. This allows for intercepting the traffic processed by this router through ARP spoofing attacks...

The vulnerability of the microprogrammed routing software of the D–Link DSR–1000 allows a malicious actor to intercept network traffic.

The microprogrammed software of the D-Link DSR-1000 router does not perform ARP packet authentication for packets transmitted over the IPv4 protocol. This allows for intercepting the traffic processed by this router through ARP spoofing attacks...

The vulnerability of the microprogrammed logic controller Siemens Simatic S7-1200 allows a malicious actor to intercept communication sessions.

The software of the Siemens SIMATIC S7-1200 programmable logic controller contains a vulnerability in the random number generator integrated into the authentication handler of the web server. During operation, it is possible to intercept a communication session by adjusting the session identifier...

Instagram Block - Moderately Critical - Information Disclosure - SA-CONTRIB-2016-037

This module enables you to authenticate with Instagram's API via an intermediary service instagram.yanniboi.com. The module doesn't sufficiently advise that your authentication tokens could be intercepted. CVE identifiers issued ACVE identifier will be requested, and added upon issuance, in...

The vulnerability of Cisco IPS software allows a malicious actor to intercept sessions.

The vulnerability exists in OpenSSL due to an improper limitation on the processing of ChangeCipherSpec messages. Exploiting this vulnerability allows a malicious actor to induce the use of a null-length master key in the OpenSSL-to-OpenSSL communication, thereby intercepting the session or gaini...

Vulnerability of Cisco ASA software, allowing a malicious actor to intercept sessions

The vulnerability exists in OpenSSL due to an improper limitation on the processing of ChangeCipherSpec messages. Exploiting this vulnerability allows a malicious actor to induce the use of a null-length master key in the OpenSSL-to-OpenSSL communication, thereby intercepting the session or gaini...

The vulnerability of Cisco PIX software allows a malicious actor to intercept sessions.

The vulnerability in the Cisco PIX Firewall allows a malicious actor to intercept a user’s VPN session...

Vulnerability of Cisco ACE software, which allows a malicious actor to intercept sessions

The vulnerability exists in OpenSSL due to an improper limitation on the processing of ChangeCipherSpec messages. Exploiting this vulnerability allows a malicious actor to induce the use of a null-length master key in the OpenSSL-to-OpenSSL communication, thereby intercepting the session or gaini...

The vulnerability of the Internet Explorer browser allows attackers to gain unauthorized access to transmitted data.

The Internet Explorer browser contains a vulnerability related to improper certificate reconciliation during a TLS session. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to data by intercepting the TLS connection that involves mutual authentication between the...

The vulnerability of the Cisco IOS operating system, which allows a remote attacker to intercept network traffic.

The Cisco IOS operating system does not perform ARP packet authentication, which allows for intercepting traffic processed by devices running this operating system through ARP spoofing attacks...

The vulnerability of the Cisco IOS operating system, which allows a malicious actor to trigger a “disconnection”

Cisco IOS software contains a vulnerability in the Open Shortest Path First OSPF and Routing Protocol Link State Advertisement LSA protocols. This vulnerability allows a malicious actor to send specially crafted OSPF packets, thereby causing a router to fail or intercept network traffic...

Slack: User can start call in a channel of an unpaid account

Found a super minor issue that allows a user to start a call in a channel of an unpaid account. Besides the minor financial incentive for an attacker, this doesn't have a super high impact. Wanted to let you know anyway since it's not possible through the UI by default. To reproce it, start by...