30 matches found
EUVD-2009-2340
Malware in sbrugna...
Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts
Ukraine's Computer Emergency Response Team CERT-UA warned of new phishing attacks aimed at its citizens by leveraging compromised email accounts belonging to three different Indian entities with the goal of compromising their inboxes and stealing sensitive information. The agency cautioned that t...
Continuing to Stay Ahead of CVE-2021-44228: Addressing Your Top Questions
Since it was disclosed on Friday, December 11, I have spoken with many customers about CVE-2021-44228 and the ways Imperva is working to ensure that they are protected. Countless others have contacted us with questions about ways to mitigate the impact from the Log4j vulnerability. In the spirit ...
Hackers Leak Personal Data from Hundreds of German Politicians On Twitter
Germany has been hit with the biggest hack in its history. A group of unknown hackers has leaked highly-sensitive personal data from more than 100 German politicians, including German Chancellor Angela Merkel, Brandenburg's prime minister Dietmar Woidke, along with some German artists, journalist...
Detecting Data Breaches: Why Understanding Database Types Matters
Different data characteristics and access patterns found in different database systems lead to different ways of detecting suspicious data access, which are indicators of potential data breaches. To accurately detect data access abuse we need to classify the database processing type. Is it a...
Cisco FireSIGHT Management Center Detection
This script performs SSH based detection of Cisco FireSIGHT Management Center SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Anonymous Hackers Target Israeli Websites and Leak Credentials
The infamous hacking group Anonymous that vowed an 'Electronic Holocaust' against Israel and promised to 'erase Israel from cyberspace' on 7th April, managed to launch a cyber attack, beginning Tuesday morning. In a spooky video "message to Israel" posted on YouTube March 4, Anonymous declared...
OpenVAS Command Injection
OpenVAS Security Advisory OVSA20121112 Date: 12th November 2012 Product: OpenVAS Manager Risk: Medium Summary It has been identified that OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified th...
Sourcefire Defense Center multiple security vulnerabilities
Crossite scripting, unauthorized access...
Sourcefire Defense Center - multiple vulnerabilities.
Hi list, -- Product description from vendor site: The Sourcefire Defense CenterR management console is the "nerve center" of the Sourcefire 3DR System. It provides a powerful, easy-to-use interface for categorizing events, generating recurring reports, scheduling automated IPS, NGIPS, and NGFW...
Sourcefire Defense Center File Download / Cross Site Scripting
-- Product description from vendor site: The Sourcefire Defense CenterR management console is the "nerve center" of the Sourcefire 3DR System. It provides a powerful, easy-to-use interface for categorizing events, generating recurring reports, scheduling automated IPS, NGIPS, and NGFW detection...
Sourcefire Defense Center Multiple Security Vulnerabilities
Sourcefire Defense Center is prone to multiple security vulnerabilities, including multiple arbitrary-file-download vulnerabilities, an arbitrary-file-deletion vulnerability, a security- bypass vulonerability, and an HTML-injection vulnerability. Exploiting these vulnerabilities may allow an...
Sourcefire Defense Center < 4.10.2.3 Multiple Vulnerabilities - Active Check
Sourcefire Defense Center is prone to multiple vulnerabilities, including multiple arbitrary file download vulnerabilities, an arbitrary file deletion vulnerability, a security bypass vulnerability, and an HTML injection vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text...
Report: Web Applications Attacked Every Two Minutes
Web applications are attacked every two minutes and at some times can experience upwards to 25,000 attacks an hour according to a report published by security firm Imperva today. As part of its continuing Hacker Intelligence initiative, Imperva’s Application Defense Center ADC released their Web...
Hacking Crew Attacks German National Cyber Defense Center
Germany’s newly created National Cyber Defense Center was attacked by a group of hackers referring to themselves as the “n0n4m3 cr3w” No Name Crew in early July, according to a report from the IDG News Service. The group broke into the National Cyber Defense Center’s network and stole information...
Germany to create cyber defense center !
Germany is planning the creation of a national cyber defense center in 2011 in reaction to a growing number of cyber attacks on government institutions that mostly originate in China. An interior ministry spokesman said Monday that while in 2009 the government registered only 900 attacks, there...
CVE-2010-2306
The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...
Default configuration
The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...
CVE-2010-2306
The CVE-2010-2306 entry concerns the default installations of Sourcefire 3D Sensor 1000/2000/9900 and Defense Center 1000 sharing the same static private SSL keys across devices/installations. This key reuse enables a remote attacker to perform a man-in-the-middle and decrypt SSL traffic. The pro...
Code injection
The web-based management interfaces in Sourcefire Defense Center DC and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components...