From the Dorm Room to the White House: How Researcher Jack Cable Works to Ensure Election Security

In a recent episode of Security Nation, Rapid7 welcomed Jack Cable, a junior at Stanford University and employee of the U.S. Cybersecutiy and Infrastructure Security Agency, to discuss the importance of ensuring election security beyond just voting machines. Read on as he shares how to fight...

Debian DSA-4767-1 : mediawiki - security update

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work: SpecialUserRights could leak whether a user existed or not, multiple code paths lacked HTML sanitisation allowing for cross-site scripting and TOTP validation applied insufficient rate limiting against...

Saferwall - A Hackable Malware Sandbox For The 21St Century

Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares...

Faraday v3.11 - Collaborative Penetration Test and Vulnerability Management Platform

This new release brings strong improvements to your security team’s daily performance , allowing them to operate quicker and smarter by increasing accessibility and stabilizing usual functionality. Major enhancements are focused on providing global visualization of findings , improvements on our...

Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2

This is the sixth blog in the Lessons learned from the Microsoft SOC series designed to share our approach and experience from the front lines of our security operations center SOC protecting Microsoft and our Detection and Response Team DART helping our customers with their incidents. For a visu...

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it's helping hospitals avoid becoming the next ransomware...

Envizon v3.0 - Network Visualization And Vulnerability Management/Reporting

This tool is designed, developed and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state of the art network visualization and vulnerability reporting tool, 'envizon'. We hope your feedback will help to improve...

Designing the Smart Experience at Akamai HQ

We are now 90 days out from a major milestone for Akamai: the opening of our new headquarters in Cambridge, Massachusetts. The state-of-the-art tower in the tech hub of Kendall Square is particularly exciting for me in my dual roles as CIO and SVP of Global Services & Support, because it marks th...

[SECURITY] [DSA 4592-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4592-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 26, 2019 https://www.debian.org/security/faq -...

Logic Flaw Vulnerability in Airport A-CDM System at Flymate Technologies Ltd.

Feiyou Technology is a company specializing in providing civil aviation and through flight service data, with data centers and analysis systems such as global flight dynamics data, global aircraft data, flight delay intelligent analysis data, flight punctuality analysis data system, ground...

Information leakage vulnerability in te***.aspx page of the collaborative office management platform of Quanta Technology Co.

Quanta Technology Co., Ltd. is a digital construction platform service provider that provides more than one hundred products/services based on "end+cloud+big data" and value-added services such as industrial big data and industrial new finance, with the core support of professional applications i...

Information Leakage Vulnerability in Collaborative Office Management Platform of Quanta Technology Co.

Quanta Technology Co., Ltd. is a digital construction platform service provider that provides more than one hundred products/services based on "end+cloud+big data" and value-added services such as industrial big data and industrial new finance, with the core support of professional applications i...

File Upload Vulnerability in Panavision OA Collaboration Office System

Panmicro Collaborative Management Application Platform e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management, an...

Unauthorized Access Vulnerability in Panmicro oa e-cology8

Panmicro collaborative management application platform e-cology is a set of collaborative business platform. An unauthorized access vulnerability exists in Panmicro oa e-cology8, which can be exploited by attackers to obtain sensitive information...

BlueHat Seattle 2019 Call for Papers is Now Open!

2019 has seen a phenomenal BlueHatIL in February followed by a wildly successful BlueHat Shanghai in May… now it’s time to come back home for BlueHat Seattle! 2 days of hands-on technical training October 22-23, 2019 2 days of conference talks from industry-leading security researchers and cyber...

IBM Rational Quality Manager Cross-Site Scripting Vulnerability (CNVD-2019-20856)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

IBM Rational Collaborative Lifecycle Management Cross-Site Scripting Vulnerability (CNVD-2019-21081)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

IBM Rational Collaborative Lifecycle Management Cross-Site Scripting Vulnerability (CNVD-2019-20847)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

Information Disclosure Vulnerability in IBM Rhapsody Model Manager

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines three products, RTC, RQM, and RRC, in a single IBM SmartCloud Enterprise cloud environment image to provide requirements management,...

IBM Rational Collaborative Lifecycle Management Information Disclosure Vulnerability (CNVD-2019-20846)

IBM Rational Collaborative Lifecycle Management CLM is a suite of collaborative lifecycle management solutions from IBM in the United States. The solution combines RTC, RQM, and RRC products in an IBM SmartCloud Enterprise cloud environment image to provide requirements management, change and...