ICS Security Plagued with Basic, Avoidable Mistakes
At least 33 percent of the security issues found in industrial control systems (ICS) are rated as being of high or critical risk. FireEye iSIGHT Intelligence compiled data from dozens of ICS security health assessment engagements performed by its Mandiant division, and found that these issues inclu...
Zero Trust Security Architectures
This introduction is Part 1 of a 5 part blog series. Most enterprises today operate hundreds of applications that...
How to evolve your enterprise network security to a zero trust architecture
In the land behind the firewall, build a fortress in the cloud. Let me explain. When I first started working in IT more than twenty five years ago, laptops and mobile phones were for the privileged few. Most people typically stayed in one place when they were online, in most cases using a desktop...
Data exfiltration techniques
Data exfiltration is the last stage of the kill chain in a generally targeted attack on an organisation. Whilst many excellent papers and tools are available for various techniques this is our attempt to pull all these together. This could also be used as a crib sheet for fellow pen testers who a...
Wipers - Destruction as a means to an end
This whitepaper post is authored by Vitor Ventura and with contributions from Martin Lee In a digital era when everything and everyone is connected, malicious actors have the perfect space to perform their activities. During the past few years, organizations have suffered several kinds of attacks...
Vulnerability in PAN-OS and Panorama on Management Interface
Through the exploitation of a combination of unrelated vulnerabilities, and via the management interface of the device, an attacker could remotely execute code on PAN-OS or Panorama in the context of the highest privileged user. Ref PAN-61094 / PAN-80990 / PAN-80993 / PAN-80994 / CVE-2017-15944...
Debut Embedded httpd 1.20 - Denial of Service Exploit
Exploit for hardware platform in category dos / poc Exploit Title: Remote un-authenticated DoS in Debut embedded httpd server in Brother printers Date: 11/02/2017 Exploit Author: z00n @0xz00n Vendor Homepage: http://www.brother-usa.com Version: = 1.20 CVE : CVE-2017-16249 Description: The Debut...
Debut Embedded HTTPd 1.20 - Denial of Service
Exploit Title: Remote un-authenticated DoS in Debut embedded httpd server in Brother printers Date: 11/02/2017 Exploit Author: z00n @0xz00n Vendor Homepage: http://www.brother-usa.com Version: = 1.20 CVE : CVE-2017-16249 Description: The Debut embedded http server contains a remotely exploitable...
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation Vulnerabilities
Exploit for cgi platform in category remote exploits Title: Sonicwall WXA5000 Console Jail Escape and Privilege Escalation Advisory ID: KL-001-2017-019 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-019.txt 1. Vulnerability Details Affecte...
Using Threat Intelligence to Mitigate Wanna Decryptor (WannaCry)
Basics of Cyber Threat Intelligence Cyber Threat Intelligence is analyzed information about the opportunities, capabilities, and intent of cyber adversaries. The goal of cyber threat intelligence is to help people make decisions about how to prevent, detect, and respond to threats against their...
PT-2017-3763 · Siemens · Hmi Mobile Panels +4
Name of the Vulnerable Software and Affected Versions: Siemens PROFINET DCP versions affected versions not specified SIMATIC HMI Multi Panels and HMI Mobile Panels affected versions not specified S7-300/S7-400 devices affected versions not specified Description: The issue is related to insufficie...
Akamai IT Challenge - 100 apps on EAA in 100 days
About a month or so ago I shared a quick video interview with Joe DeFelice. Joe is a Sr. Director Enterprise Security & Infrastructure Engineering here at Akamai. In the video Joe outlines a few of the major initiatives he and the team are working on, including moving towards eliminating the VPN...
Phoenix Contact ILC PLC Authentication Vulnerabilities
OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...
POODLE: SSLv3 Vulnerability - Lenovo Support US
No description provided...
Top 10 — 2016 New Year's Resolutions for Cyber Security Professionals
Billions of dollars are spent in securing business operations, and yet attackers still find ways to breach a network. With the ever increasing growth in security attacks across all threat vectors, you should consider these New Year’s resolutions to help solve your security challenges in 2016: 1...
Chris Valasek Security of Things Forum Keynote
CAMBRIDGE, Mass. – Chris Valasek and Charlie Miller’s car hacking research put a crunching reality on Internet of Things security, moving it beyond almost clichéd discussions of smart refrigerators leaking inconsequential data, to hackers remotely manipulating car brakes. But Furby hacking matter...
Best Practices to Protect You, Your Network, and Your Information
The National Cybersecurity and Communications Integration Center (NCCIC) and its partners responded to a series of data breaches in the public and private sector over the last year, helping organizations through incident response actions, conducting damage assessments, and implementing restoration...
Epicor Retail Store Help System 3.2.03.01.008 Code Execution
Title: Code Injection in Epicor Retail Store Help System CVE: CVE-2015-2210 Vendor: Epicor Product: CRS Retail Store v3.2.03.01.008 Affected version: 3.2.03.01.008 Reported by: Zeng Xianbo Joseph Issue identified by: Zeng...
SSL 3.0 MITM Attack
A vulnerability affecting most implementations of SSL 3.0 has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions (CVE-2014-3566). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which mak...
Camtron CMNC-200 IP Camera ActiveX Buffer Overflow Vulnerability
No description provided by source. Finding 1: Buffer Overflow in ActiveX Control CVE: CVE-2010-4230 The CMNC-200 IP Camera ActiveX control identified by CLSID DD01C8CA-5DA0-4B01-9603-B7194E561D32 is vulnerable to a stack overflow on the first argument of the connect method. The vulnerability can ...