
9582 matches found

Hacker One
added 2020/04/23 8:21 p.m. | 84 views

Cuvva: Time-limit Bypassing, Rate-limit Bypassing and Spamming at https://ops.cuvva.co

Hello cuvva secteam, Hope you are well and safe Summary When trying to sign in at https://ops.cuvva.com: 1. There is no checking if supplied email is valid before sending login link Note: the sent login links do not work but this bug can be used for spamming any supplied email. 2. The time-limit...

6.7 AI score
Exploits: 0

Tenable Nessus
added 2020/04/10 12:0 a.m. | 31 views

Cisco Email Security Appliance URL Filtering Bypass (cisco-sa-20191120-esa-url-bypass)

According to its self-reported version, Cisco Email Security Appliance ESA is affected by a vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software due to insufficient input validation of URLs. An unauthenticated, remote attacker can exploit this, by crafting the URL in a...

5.8 CVSS | 5.9 AI score | 0.01011 EPSS
Exploits: 0 | References: 3

Krebs on Security
added 2020/03/23 8:17 p.m. | 50 views

Who’s Behind the ‘Web Listings’ Mail Scam?

In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization SEO services rendered on behalf of their domain names. The story concluded...

6.8 AI score
Exploits: 0

Qualys Blog
added 2020/03/07 12:58 a.m. | 80 views

Identifying Let’s Encrypt Revoked Certificates

Let's Encrypt is a free, automated, open certificate authority CA run for the public's benefit as a service from the Internet Security Research Group ISRG. It provides free digital certificates to enable HTTPS SSL/TLS for websites via user-friendly means. Earlier this week, Let's Encrypt announce...

1 AI score
Exploits: 0

Imperva Blog
added 2020/02/26 8:18 p.m. | 19 views

Reputation Intelligence At Your Fingertips

How important is a reputation? American entertainer Will Rogers once famously said, “it takes a lifetime to build a good reputation, but you can lose it in a minute.” Our reputations are valuable commodities that establish rapport and clout among our colleagues, partners, and customers. A good...

0.2 AI score
Exploits: 0

Kitploit
added 2019/12/15 11:30 a.m. | 90 views

EXIST - Web Application For Aggregating And Analyzing Cyber Threat Intelligence

EXIST is a web application for aggregating and analyzing CTI cyber threat intelligence. EXIST is written by the following software. Python 3.5.4 Django 1.11.22 Concept EXIST is a web application for aggregating CTI to help security operators investigate incidents based on related indicators. EXIS...

6.6 AI score
Exploits: 0 | References: 8

ThreatPost
added 2019/12/13 9:45 p.m. | 81 views

GitLab Doles Out Half a Million Bucks to White Hats

GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year — and has announced the winners of its latest hacking contest. GitLab, which started out as a web-based Git repository manager before moving into the DevOps...

8.2 AI score
Exploits: 0 | References: 11

Kitploit
added 2019/12/03 11:30 a.m. | 354 views

Sooty - The SOC Analysts All-In-One CLI Tool To Automate And Speed Up Workflow

Sooty is a tool developed with the task of aiding SOC analysts with automating part of their workflow. One of the goals of Sooty is to perform as much of the routine checks as possible, allowing the analyst more time to spend on deeper analysis within the same time-frame. Sooty is now proudly...

7.4 AI score
Exploits: 0 | References: 8

OSV
added 2019/11/26 4:15 a.m. | 1 views

CVE-2019-15988

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

5.3 CVSS | 6.2 AI score | 0.01011 EPSS
Exploits: 0 | References: 1

NVD
added 2019/11/26 4:15 a.m. | 19 views

CVE-2019-15988

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

5.8 CVSS | 5.4 AI score | 0.01011 EPSS
Exploits: 0 | References: 1

Prion
added 2019/11/26 4:15 a.m. | 15 views

Input validation

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

5 CVSS | 5.3 AI score | 0.01011 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2019/11/26 3:42 a.m. | 106 views

CVE-2019-15988

CVE-2019-15988 affects Cisco Email Security Appliance (ESA) running Cisco AsyncOS Software. A vulnerability in input validation of URLs could allow an unauthenticated, remote attacker to bypass the device’s URL reputation filters, enabling malicious URLs to pass through. Root cause: insufficient ...

5.8 CVSS | 5.3 AI score | 0.01011 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2019/11/26 3:42 a.m. | 25 views

CVE-2019-15988 Cisco Email Security Appliance URL Filtering Bypass Vulnerability

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

5.8 CVSS | 5.4 AI score | 0.01011 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2019/11/26 3:42 a.m. | 8 views

CVE-2019-15988 Cisco Email Security Appliance URL Filtering Bypass Vulnerability

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

5.8 CVSS | 7.3 AI score | 0.01011 EPSS
Exploits: 0 | References: 1

CNVD
added 2019/11/21 12:0 a.m. | 1 views

Cisco Email Security Appliance AsyncOS Software Input Validation Error Vulnerability

Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. An input validation error vulnerability exists in AsyncOS Software 12.5.0 and earlier versions of the Cisco ESA, which stems from the program not...

5.8 CVSS | 6.9 AI score | 0.01011 EPSS
Exploits: 0 | References: 1

Carbon Black Blog
added 2019/11/20 6:0 p.m. | 50 views

Taking Reputation to Scale: An Iterative Journey with an Agile Approach (Part 2)

In Part 1 of this blog, we shared with you the challenges we had in balancing latency, scalability, and cost for our reputation services. In this blog, we’ll give you some insights into each major iteration along that journey, from the beginning to where we are now. 100 requests per second. Befor...

7.4 AI score
Exploits: 0

Cisco
added 2019/11/20 4:0 p.m. | 61 views

Cisco Email Security Appliance URL Filtering Bypass Vulnerability

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

5.8 CVSS | 3.1 AI score | 0.01011 EPSS
Exploits: 0 | References: 1

OSV
added 2019/11/13 11:15 a.m. | 3 views

CVE-2019-3641

Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server TIE Server 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages...

4.5 CVSS | 5.8 AI score | 0.00747 EPSS
Exploits: 0 | References: 1

Carbon Black Blog
added 2019/11/06 6:0 p.m. | 51 views

Taking Reputation to Scale: The Delicate Balance of Latency, Scale, and Cost (Part 1)

When it comes to serving reputation, even a millisecond of latency could create havoc, resulting in the unwanted spread of malware and causing costly consequences that no security company or customer wants. And that’s why we, as engineers here at Carbon Black, are constantly working towards...

0.1 AI score
Exploits: 0

Wallarm Lab
added 2019/10/28 2:34 p.m. | 53 views

The hidden costs of security breaches

The real cost of a security breach to your business is larger than many imagine. On the surface there is incredible expense in recovering from breaches. What is often also at risk is the inestimable damage to company morale, brand reputation, and operations. The post The hidden costs of securit...

2.3 AI score
Exploits: 0