MuddyWater APT Hones an Arsenal of Custom Tools

An array of customized attack tools are helping the MuddyWater advanced persistent threat APT group to successfully exfiltrate data from its governmental and telco targets in the Middle East; an analysis of this toolset reveals a moderately sophisticated threat actor at work – with the potential ...

Azure Linux Agent Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks. An authenticated attacker who successfully exploited this vulnerability could view data in swap that is normally hidden. None of the Azure endorsed distros are vulnerable to this iss...

Views (for Drupal 7) - Less critical - Cross site scripting - SA-CONTRIB-2019-036

This module enables you to create customized lists of data. The module doesn't sufficiently sanitize certain field types, leading to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that a view must display a field with the format "Full data serialized" and an...

Views (for Drupal 7) - Moderately critical - Information Disclosure - SA-CONTRIB-2019-034

This module enables you to create customized lists of data. The module doesn't sufficiently protect against argument definitions failing. This vulnerability is mitigated by the fact that a view must have custom PHP code used as a field validator...

WAGO PFC200 iocheckd service "I/O-Check" cache DNS code execution vulnerability

Summary An exploitable stack buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send...

CVE-2018-20185

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits...

CVE-2018-0452

A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...

CVE-2018-0444 Cisco Packaged Contact Center Enterprise Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Packaged Contact Center Enterprise could allow an unauthenticated, remote attacker to conduct a stored XSS attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the...

Cisco Meeting Server Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the...

Lynis 2.6.8 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

zoek.aanbodpagina.nl XSS vulnerability

Open Bug Bounty ID: OBB-644090 Description| Value ---|--- Affected Website:| zoek.aanbodpagina.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Ticketmaster Suffers Security Breach – Personal and Payment Data Stolen

Global entertainment ticketing service Ticketmaster has admitted that the company has suffered a security breach, warning customers that their personal and payment information may have been accessed by an unknown third-party. The company has blamed a third-party support customer service chat...

The need and opportunity for adaptive prevention in the cloud

This post is authored by Michael Bargury, Data Scientist, C+E Security. The need The cloud introduces new security challenges, which differ from classic ones by diversity and scale. Once a Virtual Machine VM is up and running with an open internet port, it is almost instantaneously subject to...

CVE-2018-6211

On D-Link DIR-620 devices with a certain customized by ISP variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the resbuf parameter to index.cgi...

APT15 Pokes Its Head Out With Upgraded MirageFox RAT

The elusive APT15 cyber-espionage group, believed to be affiliated with the Chinese government, has been spotted for the first time in many months, mounting a highly targeted spy campaign using an upgraded version of the Mirage remote access trojan. This is the first evidence of the China-linked...

hayhouse.com XSS vulnerability

Open Bug Bounty ID: OBB-594208 Description| Value ---|--- Affected Website:| hayhouse.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

PayControl - Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application PayControl published at the 'play' market has multiple vulnerabilities...

Open Source Static Code Analyser: StaCoAn

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL’s of API’s Decryption keys Major coding...

DOC+ mobile clinic - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application DOC+ mobile clinic published at the 'play' market has multiple vulnerabilities...

helmetcityinternational.com XSS vulnerability

On the 03.01.2018 security researcher reported a XSS vulnerability affecting the helmetcityinternational.com website via the Open Bug Bounty coordinated vulnerability disclosure program. Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerability submitted via Open Bug Bounty| 3...