Lack of Internal IT Security Expertise Requires Connected Threat Defense

There are many different factors that can impact a company's overall security posture. Increasing sophistication on the part of cyber criminals, combined with more frequent attacks launched using advanced malware, represent some of the most pervasive drivers of IT security. However, one issue...

Rancher Server - Docker Daemon Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Server - Docker Exploit', 'Description' = %q Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounte...

VulnCheck KEV: CVE-2017-11826

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user...

What's New In Android 8.0 Oreo Security

In addition to the many tweaks and new features in Google’s Android 8.0 Oreo operating system introduced last month, the biggest changes are its security enhancements. Oreo security additions are meaningful and go far beyond what recent OS updates have brought to the table. With Android Oreo...

Exploit for CVE-2017-8759 detected and neutralized

The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against this threat. The vulnerability, classified as...

See how I through subdomain takeover to bypass the Uber Single Sign-On authentication mechanism-vulnerability warning-the black bar safety net

! Uber to use the Amazon CloudFront CDN architecture website saostatic. uber. com there is a subdomain of the security vulnerability, an attacker take over. In addition, Uber recently deployed in the site auth. uber. com, based on Uber all the subdomain cookie sharing to achieve authentication of...

How Google Shrank The Android Attack Surface

LAS VEGAS—For Nick Kralevich, head of Android platform security at Google, there is no better barometer for success than finding out the market value for vulnerabilities on the OS he works to protect are among the highest paid for mobile. During a Black Hat session on hardening Android, Kralevich...

What’s new in Windows Defender ATP Fall Creators Update

When we introduced Windows Defender Advanced Threat Protection Windows Defender ATP, our initial focus was to reduce the time it takes companies to detect, investigate, and respond to advanced attacks. The Windows Fall Creators Update represents a new chapter in our product evolution as we offer ...

Auto-binding vulnerabilities and Spring MVC-vulnerability warning-the black bar safety net

Today to introduce a not very well-known vulnerability—auto binding vulnerability, or referred to as mass assignment in. Automatic binding capabilities in many of the frameworks are achieved, it allows the framework to automatically convert the HTTP request parameter bound to the object and to...

CVE-2017-7375

A flaw in libxml2 allows remote XML entity inclusion with default parser flags i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes. Depending on the context, this may expose a higher-risk attack surface in libxml2 not...

How vulnerability research benefits both vendors and customers

Zero-day vulnerabilities - newly discovered exploits that haven't been previously identified - are now emerging more often. Worse still is the fact that these dangerous flaws sometimes aren't pinpointed until hackers have already exploited them. According to a prediction from Cybersecurity Ventur...

Code injection

An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to a lenient updater-script in the OnePlus OTA images, and the fact that both ROMs use the same OTA verification keys, attackers can install HydrogenOS over OxygenOS and vice versa, even on locked bootloaders, which allows for...

Design/Logic Flaw

An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs due to the digital signature, it unnecessarily increases the attack surface, and allows for remote...

CVE-2016-10370

An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs due to the digital signature, it unnecessarily increases the attack surface, and allows for remote...

CVE-2016-10370

An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs due to the digital signature, it unnecessarily increases the attack surface, and allows for remote...

Emergency Update Patches Zero Day in Microsoft Malware Protection Engine

Microsoft made quick work of what two prominent Google researchers called the worst Windows vulnerability in recent memory, releasing an emergency patch Monday night, 48 hours after Google’s private disclosure was made. The mystery Windows zero day CVE-2017-0290 was in the Microsoft Malware...

Akamai IT Challenge - 100 apps on EAA in 100 days

About a month or so ago I shared a quick video interview with Joe DeFelice. Joe is a Sr. Director Enterprise Security & Infrastructure Engineering here at Akamai. In the video Joe outlines a few of the major initiatives he and the team are working on, including moving towards eliminating the VPN...

U.S. Dept Of Defense: Exposed ███████ Administrative Interface (ColdFusion 11)

Summary: The "/██████████/administrator/" directory is accessible to the public and allows an attacker to further enumerate the system and/or perform brute force attacks. Description: The ████████ website has an exposed "Administrative Interface" for ColdFusion 11, which could be useful to an...

Android security development of started private components of vulnerability talking about-vulnerability warning-the black bar safety net

! 0x00 the private component talking about android applications, if a component of foreign export, then this component is a the attack surface. Most likely there is a lot of problems, because the attacker can in various ways to the components of the test attack. But developers are not necessarily...

Cookie Set For Parent Domain

HTTP by itself is a stateless protocol. Therefore the server is unable to determine which requests are performed by which client, and which clients are authenticated or unauthenticated. The use of HTTP cookies within the headers, allows a web server to identify each individual client and can...