151 matches found
Panda Global Security 17.0.1 NULL DACL Grants Full Access
===== Tempest Security Intelligence - ADV-17/2018 === Panda Global Security 17.0.1 - NULL DACL grants full access ------------------------------------------------------- Author: - Filipe Xavier Oliveira: ===== Table of Contents ===================================================== Overview Detail...
WPS Free Office 10.2.0.5978 NULL DACL Grants Full Access
===== Tempest Security Intelligence - ADV-16/2018 === WPS Free Office 10.2.0.5978 - NULL DACL grants full access ------------------------------------------------------- Author: - Filipe Xavier Oliveira: filipe.xavier tempest.com.br ===== Table of Contents...
Panda Global Security 17.0.1 Unquoted Service Path
===== Tempest Security Intelligence - ADV-18/2018 === Panda Global Security 17.0.1 - Unquoted service path ------------------------------------------------------- Author: - Filipe Xavier Oliveira: sc qc pandaurlfiltering SERVICENAME: pandaurlfiltering TYPE : 10 WIN32OWNPROCESS STARTTYPE : 2...
Hola VPN 1.79.859 Insecure Service Permissions
===== Tempest Security Intelligence - ADV-22/2018 === Hola VPN 1.79.859 - Insecure service permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: ===== Table of Contents ===================================================== Overview Detailed...
10-Strike Network Monitor 5.4 Unquoted Service Path
===== Tempest Security Intelligence - ADV-20/2018 === 10-Strike Network Monitor 5.4 - Unquoted Service Path ------------------------------------------------------- Author: - Filipe Xavier Oliveira: sc qc srvInventoryWebServer SC QueryServiceConfig SUCCESS SERVICENAME: srvInventoryWebServer TYP...
Rapid Scada 5.5.0 Insecure Permissions Vulnerability
Exploit for windows platform in category local exploits Rapid Scada - 5.5.0 - Insecure Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: icacls SCADA SCADA BUILTIN\Administrators:IF BUILTIN\Administrators:IOICIIOF NT AUTHORITY\SYSTEM:IF NT...
Rapid Scada 5.5.0 Insecure Permissions
===== Tempest Security Intelligence - ADV-21/2018 === Rapid Scada - 5.5.0 - Insecure Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: icacls SCADA SCADA BUILTIN\Administrators:IF BUILTIN\Administrators:IOICIIOF NT AUTHORITY\SYSTEM:IF NT...
Improve the ROI of Your Database Protection Investment
When an organization considers switching a mission-critical compliance or security system from one vendor’s solution to another it’s a very big decision. There is expense involved in acquiring the new solution, it will take time and money to deploy and retrain staff, and it will take careful...
“Ready Player One” – Are you Ready to Protect Your Endpoints from the Bad Guys?
At times it can feel like a game as you watch the cyber-breach scorecards. Yahoo 3 billion users, Equifax 143 million consumers, Uber 57 million users, Imgur 1.7 million users are just a sample of the companies that have released new information on large breaches in the last few months...
We’re moving to Microsoft Secure
We’re packing up and moving! Starting January 2018, we’ll move our blogs to Microsoft Secure. At Microsoft Secure, you will find technical information for Office 365, Microsoft Azure, and Windows, alongside product updates, cybersecurity guidance, industry trends, and more. You can expect the sam...
SOC Forum 2017: How I Learned to Stop Worrying and Love Massive Malware Attacks
Today I spoke at SOC Forum 2017 in Moscow. It was a great large-scale event about Security Operation Centers. 2,700 people registered. Lots of people in suits . And lots of my good fellows. The event was held in Radisson Royal Congress Park. There were three large halls for presentations and a hu...
Sync Breeze 10.1.16 Buffer Overflow Vulnerability
Sync Breeze version 10.1.16 is vulnerable to a buffer overflow vulnerability, which can be exploited remotely or locally to achieve arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" path of the application. Sync Breeze 10.1.16 Buffer Overfl...
Bad Rabbit Ransomware Uses Leaked 'EternalRomance' NSA Exploit to Spread
A new widespread ransomware worm, known as "Bad Rabbit," that hit over 200 major organisations, primarily in Russia and Ukraine this week leverages a stolen NSA exploit released by the Shadow Brokers this April to spread across victims' networks. Earlier it was reported that this week's...
Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene
In the first six months of 2017, ransomware threats reached new levels of sophistication. The same period also saw the reversal of a six-month downward trend in ransomware encounters. New ransomware code was released at a higher rate with increasing complexity. Two high-profile ransomware inciden...
Akamai Is Named A Leader In Gartner's Magic Quadrant For Web Application Firewalls
"Don't work for recognition, but do work worthy of recognition" - H. Jackson Brown. A friend sent this quote to me after I explained to her my ambivalence about being recognized by Gartner as a "Leader" in their Web Application Firewall Magic Quadrant. I had mixed feelings because I wanted to...
Microsoft Adding Artificial-Intelligence Based Advanced Antivirus to Windows 10
Microsoft is making every effort to make its Windows operating system more secure and advanced than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release. With the launch of its Windows 10 Creator Update also known as RedStone 3,...
Supply Chain Security: Akamai from a Customer's Risk Perspective
Managing risk is a key aspect of any business. This becomes more complicated when additional parties, such as vendors are brought into the mix. One of the strongest pieces of guidance on managing vendors that customers have brought to Akamai comes from the US Office of the Comptroller of the...
Ghost Blog 0.11.3 Cross Site Scripting
===== Tempest Security Intelligence - ADV-9/2017 ======================== Persistent Cross-Site Scripting XSS in Ghost ------------------------------------------------------- Author: - Patrick Costa Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents...
Ghost Blog 0.11.3 Cross Site Scripting Vulnerability
Tempest Security Intelligence Advisory ADV-9/2017 - Ghost Blog version 0.11.3 suffers from a persistent cross site scripting vulnerability. Persistent Cross-Site Scripting XSS in Ghost ------------------------------------------------------- Author: - Patrick Costa Tempest Security Intelligence -...
Audacity 2.1.2 DLL Hijacking Vulnerability
Tempest Security Intelligence Advisory ADV-7/2016 - Audacity version 2.1.2 is vulnerable to dll hijacking as it tries to load avformat-55.dll without supplying the absolute path, thus relying upon the presence of such dll on the system directory. This behavior results in an exploitable dll...