Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009 , where "CL" stands for cluster and "STA" refers to...

EUVD-2018-18712

Malware in sbrugna...

EUVD-2014-8209

Malware in sbrugna...

EUVD-2017-14049

Malware in sbrugna...

EUVD-2017-14047

Malware in sbrugna...

EUVD-2017-14048

Malware in sbrugna...

EUVD-2017-14012

Malware in sbrugna...

EUVD-2017-14068

Malware in sbrugna...

EUVD-2018-18719

Malware in sbrugna...

EUVD-2017-14059

Malware in sbrugna...

Exploit for Out-of-bounds Read in Openssl

This repository contains exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House. The exploits target various vulnerabilities in different products and services, including: 1. AirWatch MDM solution: The repository contains a file called...

ASB-A-179975048

In the Settings app, there is a possible way to disable an always-on VPN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Exploit for Improper Access Control in Oracle Jdk

This repository contains a collection of exploit files and proof-of-concept PoC vulnerability demonstration files from the team at Hacker House. The files are categorized into several subdirectories, each containing a specific type of exploit or vulnerability. The files include: 1. AIX-0days.txt:...

VMware AirWatch Console 9.1.x < 9.1.5.6 / 9.2.x < 9.2.3.27 / 9.3.x < 9.3.0.25 / 9.4.x < 9.4.0.22 / 9.5.x < 9.5.0.16 / 9.6.x < 9.6.0.7 / 9.7.x < 9.7.0.3 SAML Security Bypass

According to its self-reported version, the install of VMware AirWatch Console running on the remote host is 9.1.x prior to 9.1.5.6, 9.2.x prior to 9.2.3.27, 9.3.x prior to 9.3.0.25, 9.4.x prior to 9.4.0.22, 9.5.x prior to 9.5.0.16, 9.6.x prior to 9.6.0.7, or 9.7.x prior to 9.7.0.3. It is,...

VMware Releases Security Update

VMware has released a security update to address a vulnerability in AirWatch Console. An attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0024 and apply the necessary update...

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) update resolves SAML authentication bypass vulnerability

The VMware Workspace ONE Unified Endpoint Management Console AirWatch Console contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based...

CVE-2018-6975

The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the files and keychain entries in the Agent are not encrypted...

CVE-2018-6975

CVE-2018-6975 concerns the AirWatch Agent for iOS prior to 5.8.1, where a data-protection vulnerability allows files and keychain entries in the Agent to be unencrypted. The VMware advisory (VMSA-2018-0023) confirms a data-protection issue and states that updates to the AirWatch Agent and VMware ...

CVE-2018-6975

The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the files and keychain entries in the Agent are not encrypted...

CVE-2018-6975

The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the files and keychain entries in the Agent are not encrypted...