Citrix Provisioning Services - How To Gather CDF Traces

Starting in 1912 LTSR Citrix Provisioning Services improves on the CDF integration that kicked off in the earlier 7.0 days. This now includes the ability to natively maintain persistent rolling CDF trace logs on each PVS Server and Targets if necessary without the need for additional capture...

SUSE-SU-2022:14896-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 bsc1195682 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during upda...

Important: Red Hat Security Advisory: Service Telemetry Framework 1.3 (sg-core-container) security update

An update for sg-core-container is now available for Service Telemetry Framework 1.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Service Telemetry Framework 1.4 (sg-core-container) security update

An update for sg-core-container is now available for Service Telemetry Framework 1.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Hackers Exploiting Infected Android Devices to Register Disposable Accounts

An analysis of SMS phone-verified account PVA services has led to the discovery of a rogue platform built atop a botnet involving thousands of infected Android phones, once again underscoring the flaws with relying on SMS for account validation. SMS PVA services, since gaining prevalence in 2018,...

TotoLink routers 命令注入漏洞

TOTOLink T6 is a wireless dual-band router from TotoLink, China.TOTOLink T10 is a wireless network system router from TotoLink, China.The recvSlaveUpgstatus function of TOTOLINK Technology Routers T6 and T10 is vulnerable to command injection. vulnerability. An attacker can exploit this...

Roaming Mantis reaches Europe

Roaming Mantis is a malicious campaign that targets Android devices and spreads mobile malware via smishing. We have been tracking Roaming Mantis since 2018, and published five blog posts about this campaign: Roaming Mantis uses DNS hijacking to infect Android smartphones Roaming Mantis dabbles i...

Servisnet Tessa MQTT Credential Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/mqtt' class MetasploitModule 'Servisnet Tessa - MQTT Credentials Dump...

Sealevel Systems SeaConnect 370w 缓冲区错误漏洞

Sealevel Systems SeaConnect 370W is an Industrial Internet of Things Iiot edge device from Sealevel Systems, Inc. used to remotely monitor and control the status of actual I/O processes. The Sealevel Systems SeaConnect 370w is vulnerable to an out-of-bounds write vulnerability that could be...

Fortinet FortiClient Trust Management Issue Vulnerability (CNVD-2022-03936)

Fortinet FortiClient is a mobile endpoint security solution from Fortinet, a US-based company. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance.Fortinet FortiClient has a security...

CVE-2021-41028

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...

CVE-2021-41028

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...

CVE-2021-41028

CVE-2021-41028 affects Fortinet FortiClient EMS up to 7.0.1 (and 6.4.6 and below) and FortiClient components for Windows, Linux, and macOS up to 7.0.1 and 6.4.6 and below. The root causes are a hard-coded cryptographic key in FortiClientEMS and improper certificate validation in FortiClient clien...

CVE-2021-41028

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...

Build successful data security evaluation criteria with help from your peers

When you evaluate data security products it is imperative to have the end goal in sight. If you look forward 365 days from now, what is the best way to predict how your team will use the product so that you can communicate the value that it will provide? One approach is to examine operational...

CVE-2021-41090 Instance config inline secret exposure

Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...

CVE-2021-41090

Grafana Agent prior to versions 0.20.1 and 0.21.2 exposed inline secrets in plaintext via endpoints ./-/config and /agent/api/v1/configs/:key, enabling potential information disclosure if the endpoint is reachable without HTTPS client auth. The issue affects metrics/secret configurations used for...

Demystifying XDR: A Forrester Analyst Lays the Foundation

Extended detection and response XDR is no longer a future state in cybersecurity practice — it's a full-fledged reality for some. In fact, it's been a thing for a lot longer than you might think. Still, XDR is new vocabulary for many security operations center SOC teams, and the contours of this...

Fortinet FortiClient 信任管理问题漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet, a US-based company. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance.Fortinet FortiClient has a security...

FortiClientEMS & FortiClient - Telemetry protocol is vulnerable to a MitM Vulnerability

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac may allow an unauthenticated and network adjacent attacker to perform a...