Meet with Wallarm at BlackHat USA 2017

Meet Wallarm team at BlackHat USA 2017 Start your day with a good cup of coffee and a hearty breakfast at PRESS lounge. Join Wallarm team for breakfast on the last day of BlackHat conference. Meet and network with like-minded white hat security professionals while fueling up for another day of...

Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2017-1109)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2017-0180)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

July 11, 2017—KB4025341 (Monthly Rollup)

July 11, 2017—KB4025341 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4022168 released June 27, 2017 and resolves the following issues: Addressed issue called out in KB4022168 where Internet Explorer 11 may close unexpected...

AWS CIS Benchmark Tool: Prowler

Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1 . It covers hardening and security best practices for all regions related to: Identity and Access Management 24 checks Logging 8 checks Monitoring 15 checks...

Pelco Sarix/Spectra Cameras - Remote Code Execution

Schneider Electric Pelco Sarix/Spectra Cameras Root Remote Code Execution Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version: Sarix Enhanced - Model: IME219 Firmware: 2.1.2.0.8280-A0.0 Sarix Enhanced - Model: IME119 Firmware: 2.1.2.0.8280-A0.0 Sarix - Model:...

Google Android MediaTek Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the MediaTek networking driver is a MediaTek-developed networking driver used in it. The MediaTek networking driver in Android is vulnerable to a power lifting vulnerability...

GShark Framework - Check all your backdoors with only one telegram account

This framework can perform web post exploitation, with this you can interact with multiple web backdoor and execute custom module, script. Check all your backdoors with only one telegram messenger account! Connect web backdoor to master server and control it with Telegram Download visual backdoor...

CVE-2017-0711

A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781...

CVE-2017-0711

A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781...

Privilege escalation

A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781...

CVE-2017-0711

A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781...

AWS Auditing & Hardening Tool: Zeus

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...

BSA-2017-330

Security Advisory ID : BSA-2017-330 Component : JAVA SE Networking Revision : 3.0: Final Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121;...

BSA-2017-327

Security Advisory ID : BSA-2017-327 Component : JAVA SE Networking Revision : 3.0: Final Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficul...

Cisco Prime Infrastructure 3.1.6 XXE Injection / XSS / LFD / SQL Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, SQL Injection, Cross Site Scripting, Local File Disclosure product: Cisco Prime Infrastructure vulnerable version: 1.1 through 3.1.6...

Palo Alto PAN-OS Kernel Vulnerability

A vulnerability exists in the Linux kernel of PAN-OS that may result in Remote Code Execution. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Join Wallarm at ISSA’s Cornerstones of Trust event on June 20th

Next week, local chapter of Information Systems Security Association check them out at http://www.sv-issa.org is organizing a focused security conference looking into the issues of securing end users, enterprise technologies and security processes. Come meet Wallarm to learn about trends and best...

Low: Red Hat Security Advisory: openstack-heat security and bug fix update

An update for openstack-heat is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

(Pwn2Own) Microsoft Windows TdxCreateTransportAddress Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the tdx.sys...