A week in security (October 15 – 21)

Last week on Malwarebytes Labs, we went over how to build your own motion-activated security camera, wondered whether FIDO is the future instrument to replace passwords and usernames, informed you about information operations on Twitter, and released our Q3 Malwarebytes Labs Cybercrime Tactics an...

Design/Logic Flaw

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 52.9...

Design/Logic Flaw

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird 52.9...

CVE-2018-12373

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird 52.9...

CVE-2018-12372

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 52.9...

CVE-2018-12372

CVE-2018-12372 affects Mozilla Thunderbird. Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext in HTML reply/forward messages. Public documentation lists affected product: Thunderbird prior to 52.9. Root cause described across connected sources as leakage of S...

CVE-2018-12373

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird 52.9...

Ivanti Workspace Control and RES One Workspace Information Disclosure Vulnerability

Ivanti Workspace Control formerly known as RES One Workspace is a set of workspace control software from the American company Ivanti. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control...

Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

GHSA-8336-MXP6-V5H9 Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

CVE-2018-15593

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector...

CVE-2018-0434

A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected...

CVE-2018-12087

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

Authorization

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

CVE-2018-12087

Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords...

CVE-2018-12087

OPC Foundation UA Client Applications are affected by CVE-2018-12087 due to failure to validate certificates in communications without security. This allows an attacker who controls a segment of the network infrastructure to decrypt passwords, indicating a confidentiality impact. The vulnerabilit...

AES-Killer - Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps

Burpsuite Plugin to decrypt AES Encrypted mobile app traffic. Requirements Burpsuite Java Tested on Burpsuite 1.7.36 Windows 10 xubuntu 18.04 Kali Linux 2018 What it does Decrypt AES Encrypted traffic on proxy tab Decrypt AES Encrypted traffic on proxy, scanner, repeater and intruder How it works...

CVE-2018-15753

An issue was discovered in the MensaMax aka com.breustedt.mensamax application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password...

CVE-2018-15753

An issue was discovered in the MensaMax aka com.breustedt.mensamax application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password...

Hardcoded credentials

An issue was discovered in the MensaMax aka com.breustedt.mensamax application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password...