863 matches found
Microsoft Windows Defender AV: Block Office applications from injecting into other processes
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavblockofficeinjecting.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Configure Attack Surface Reduction rules: Block Office applications from injecting into other processes Authors: Emanuel Moss Copyright:...
Microsoft Windows Defender AV: Block Office applications from creating child processes
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavofficesubprocesses.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Configure Attack Surface Reduction rules Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This...
Microsoft Windows Defender AV: Block Office applications from creating executable content
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavblockofficeexeccontent.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Configure Attack Surface Reduction rules: Block Office applications from creating executable content Authors: Emanuel Moss Copyright: Copyrig...
Microsoft Windows Defender AV: Block execution of potentially obfuscated scripts
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavblockexecobfuscatedscripts.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Configure Attack Surface Reduction rules: Block execution of potentially obfuscated scripts Authors: Emanuel Moss Copyright: Copyright c...
Microsoft Windows Defender AV: Block Win32 imports from macro code in Office
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavblockwin32importoffice.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Configure Attack Surface Reduction rules: Block Win32 imports from macro code in Office Authors: Emanuel Moss Copyright: Copyright c 2018...
Psychological Aspects of Vulnerability Remediation
In my opinion, Remediation is the most difficult part of Vulnerability Management process. If you know the assets in your organization and can assess them, you will sooner or later produce a good enough flow of critical vulnerabilities. But what the point, if the IT team will not fix them?...
Browser Extensions: Are They Worth the Risk?
Popular file-sharing site Mega.nz is warning users that cybercriminals hacked its browser extension for Google Chrome so that usernames and passwords submitted through the browser were copied and forwarded to a rogue server in Ukraine. This attack serves as a fresh reminder that legitimate browse...
Code injection
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0...
CVE-2018-15358
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0...
CVE-2018-15359
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0...
CVE-2018-15125
Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface...
CVE-2018-15125
Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface...
Information disclosure
Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface...
CVE-2018-15125
Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface...
DEF CON 2018: ‘Man in the Disk’ Attack Surface Affects All Android Phones
A function of the Android storage mechanism opens up an attack surface that affects all Android devices, and allows an attacker to corrupt data, steal sensitive information or even take control of a mobile phone. Simply put, the issue – dubbed “man in the disk” – allows a bad actor to hijack the...
Intrigue-Core - Discover Your Attack Surface
Intrigue-core is a framework for automated attack surface discovery. There are a number of use cases: Application and Infrastructure Asset Discovery Security Research and Vulnerability Discovery Malware Campaign Research & Indicator Enrichment Exploratory OSINT Research If you'd like assistance...
Brave Software: Navigation to restricted origins via "Open in new tab"
Summary: It's possible to open links pointing to file:/// origin from web pages using "Open link in a new tab" in context menu. https://hackerone.com/bugs?reportid=369185 shows unsafe ssh:// protocol handling, which leads to information leak using sshOS username and etc.. The vulnerability is...
SingTel Backdoor Detection (ForgotDoor)
The remote SingTel router may be contain a backdoor. Certain SingTel routers had their administrative web interfaces port-forwarded to public-facing addresses by customer support after users requested customer service. Depending on the configuration, the router may require no credentials, default...
Foxit PDF Reader JavaScript setPersistent Remote Code Execution Vulnerability(CVE-2018-3842)
Summary An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code...
Cloud Credentials: New Attack Surface for Old Problem
SAN FRANCISCO – Credential theft and abuse have long been a nagging problem for local network administrators. The threat surface ranges from pretexting scams to insiders who abuse network privileges in order to grant themselves higher permissions than otherwise assigned. Here at RSA Conference,...