iNSYNQ Ransom Attack Began With Phishing Email

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. It also looks like the intruders spent roughly ten days rooting around...

Cryptolocking WordPress Plugin Locks Up Blog Posts

A malicious WordPress plugin ironically called WP Security has been spotted in the wild encrypting blog posts and rendering the content unreadable. It’s capable of targeting individual posts — an unusual behavior, according to researchers. According to analysis from Sucuri, the plugin obtains a...

Information Disclosure

openjdk is vulnerable to information disclosure. It was discovered that the ChaCha20Cipher implementation in the Security component of OpenJDK used non-constant time comparison for comparing tags. A remote attacker could possible use the flaw to leak information about decryption state using the...

CVE-2019-13604

There is a short key vulnerability in HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful...

Design/Logic Flaw

There is a short key vulnerability in HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful...

CVE-2019-13604

There is a short key vulnerability in HID Global DigitalPersona formerly Crossmatch U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an attacker to recover the key and decrypt that image using the key. Successful...

CVE-2019-9149

Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign and encrypt arbitrary messages with Mailvelope, assuming the private key password is cached. A second vulnerability allows ...

CVE-2019-9149

Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign and encrypt arbitrary messages with Mailvelope, assuming the private key password is cached. A second vulnerability allows ...

CVE-2019-9149

Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign and encrypt arbitrary messages with Mailvelope, assuming the private key password is cached. A second vulnerability allows ...

CVE-2019-9149

CVE-2019-9149 affects Mailvelope prior to 3.3.0. An attacker can trigger private key operations without user interaction by tampering a URL parameter in Mailvelope’s client-API, allowing signing (and encrypting) arbitrary messages if the private key password is cached. A separate issue enables de...

CVE-2019-1886

The CVE-2019-1886 entry describes a DoS in Cisco Web Security Appliance (WSA) due to insufficient validation of SSL server certificates in the HTTPS decryption feature. Attackers can remotely exploit by presenting a malformed certificate to a web server, sent through WSA, to trigger an unexpected...

Design/Logic Flaw

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to...

CVE-2019-6632

CVE-2019-6632 affects BIG-IP vCMP: the vCMP configuration unit key is generated with insufficient randomness, enabling decryption of encrypted configuration/UCS files when an attacker has direct access to those files. Affected: BIG-IP versions 12.1.0–12.1.4, 13.0.0–13.1.1.4, 14.0.0–14.0.0.4/14.0....

CVE-2019-6632

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to...

Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability

A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient validation of Secure Sockets Layer SSL server certificates. An attacker could...

Cisco Web Security Appliance AsyncOS Software Input Validation Error Vulnerability (CNVD-2019-25710)

The Cisco Web Security Appliance WSA is a web security appliance from Cisco. The appliance provides SaaS-based access control, real-time web reporting and tracking, and security policy formulation.AsyncOS Software is the operating system used in it. An input validation error vulnerability exists ...

DEBIAN-CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

UBUNTU-CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

F5 Networks BIG-IP : vCMP vulnerability (K01413496)

Under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to encrypted configuration and/or UCS files. CVE-2019-6632 Impact BIG-IP This...