
189 matches found

FireEye
added 2016/11/04 4:53 p.m., 41 views

2016 Flare-On Challenge Solutions

I would like to thank the challenge authors this year: 1. Alexander Rich 2. Matt Williams @0xmwilliams 3. Dominik Weber 4. James T. Bennett @jtbennettjr 5. Tyler Dean 6. Josh Homan 7. Alex Berry 8. Nick Harbour @nickharbour 9. Jon Erickson @2130706433 10. FireEye Labs Advanced Vulnerability...

AI score: 0.7
Exploits: 0

Hacker One
added 2016/09/08 12:40 p.m., 44 views

Boozt Fashion AB: Potential Subdomain Takeover Possible

Issue Description The researcher identified that the affected URL points to sendgrid.net, via a DNS CNAME record. As a result of this an attacker could potentially initiate a subdomain takeover by registering the subdomain sendgrid.boozt.com on sendgrid and consequently leverage this for further...

AI score: 6.8
Exploits: 0

The Hacker News
added 2016/07/02 3:41 a.m., 9 views

This Android Hacking Group is making $500,000 per day

Own an Android smartphone? Hackers can secretly install malicious apps, games, and pop-up adverts on your smartphone remotely in order to make large sums of money. Security researchers at Cheetah Mobile have uncovered one of the world's largest and most prolific Trojan families, infecting million...

AI score: 7.1
Exploits: 0

ICS
added 2015/12/06 7:0 a.m., 28 views

Siemens SPC Controller Series Denial-of-Service Vulnerability

OVERVIEW Davide Peruzzi of GoSecure! has identified a denial-of-service (DoS) vulnerability in the Siemens SPC Controllers. Siemens has produced an update that mitigates this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following SPC Controllers are affected:...

CVSS: 7.8, AI score: 6.5, EPSS: 0.00251
Exploits: 0, References: 10

ICS
added 2015/07/18 6:0 a.m., 36 views

3S CODESYS Runtime Toolkit Null Pointer Dereference Vulnerability

OVERVIEW Nicholas Miles of Tenable Network Security has identified a NULL pointer dereference vulnerability in 3S-Smart Software Solutions GmbH’s CODESYS Runtime Toolkit. 3S has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCT...

CVSS: 5, AI score: 6.8, EPSS: 0.00442
Exploits: 0, References: 10

ThreatPost
added 2015/05/15 10:45 a.m., 15 views

Several Factors Mitigate VENOM's Utility for Attackers

The divisive VENOM vulnerability—marketing logo and all—has been good for three solid days of debate and angst over its severity, ease of exploitation and risks. The first public proof-of-concept exploit, however, may aid in calming some of the anxiety around the bug, which is proving difficult t...

AI score: 8.2
Exploits: 0, References: 5

myhack58
added 2015/02/11 12:0 a.m., 12 views

In PHP memory corruption vulnerability use of CVE-2014-8142 and CVE-2015-0231 - the vulnerability warning - the black bar safety net

Many people think that, for Web-based applications, the memory corruption class of bugs is not a serious problem. Especially now that XSS and SQL injection, the class of vulnerabilities, is still the matter of the case, not much attention is devoted to such a bug; they will be treated as “non-use” or is...

AI score: 1.8
Exploits: 0

ThreatPost
added 2014/11/17 2:16 p.m., 9 views

Half of Leading USB Controller Chips Vulnerable to BadUSB

BadUSB hasn’t gone from bad to worse necessarily, but it sure has reached a new state of confusion for security experts and consumers in the crosshairs. Researcher Karsten Nohl, who warned the world during Black Hat last summer that the controller chips in most USB devices could be reprogrammed t...

AI score: 7.5
Exploits: 0, References: 5

seebug.org
added 2014/07/01 12:0 a.m., 16 views

OpenSSL 0.9.x CBC Error Information Leakage Weakness

No description provided by source. source: http://www.securityfocus.com/bid/6884/info A side-channel attack against implementations of SSL exists that, through analysis of the timing of certain operations, can reveal sensitive information to an active adversary. This information leaked by...

AI score: 7.1
Exploits: 0

MSRC
added 2013/07/31 7:0 a.m., 8 views

Are you prepared for the BlueHat Challenge?

Today we are kicking off a new challenge so you can showcase your security prowess and, if we can, help you build some more. Our BlueHat Challenge is a series of computer security questions, which increase in difficulty as you progress. Only the rare and talented engineer will be able to finish t...

AI score: 6.8
Exploits: 0

Fedora
added 2013/07/30 5:40 p.m., 12 views

[SECURITY] Fedora 17 Update: kubrick-4.10.5-1.fc17

Kubrick is a puzzle cube solving game. The cube sizes range from 2x2x2 easy up to 6x6x6 very hard, or you can play with irregular “bricks” such as 5x3x2 and “mats” one cubie thick such as 6x4x1. The game has a selection of puzzles at several levels of difficulty, ...

CVSS: 7.5, AI score: 1.3, EPSS: 0.02433
Exploits: 1

Fedora
added 2013/07/30 5:40 p.m., 18 views

[SECURITY] Fedora 17 Update: bomber-4.10.5-1.fc17

Bomber is a single player arcade game. The player is invading various cities in a plane that is decreasing in height. The goal of the game is to destroy all the buildings and advance to the next level. Each level gets harder by increasing the speed of the plane and the height of the buildings...

CVSS: 7.5, AI score: 0.7, EPSS: 0.02433
Exploits: 1

Fedora
added 2013/06/16 5:41 a.m., 22 views

[SECURITY] Fedora 17 Update: kubrick-4.10.4-1.fc17

Kubrick is a puzzle cube solving game. The cube sizes range from 2x2x2 easy up to 6x6x6 very hard, or you can play with irregular “bricks” such as 5x3x2 and “mats” one cubie thick such as 6x4x1. The game has a selection of puzzles at several levels of difficulty, ...

CVSS: 8.4, AI score: 1.3, EPSS: 0.00119
Exploits: 1

Fedora
added 2013/06/12 2:34 a.m., 21 views

[SECURITY] Fedora 18 Update: bomber-4.10.4-1.fc18

Bomber is a single player arcade game. The player is invading various cities in a plane that is decreasing in height. The goal of the game is to destroy all the buildings and advance to the next level. Each level gets harder by increasing the speed of the plane and the height of the buildings...

CVSS: 8.4, AI score: 0.7, EPSS: 0.00119
Exploits: 1

Fedora
added 2013/06/07 4:46 a.m., 14 views

[SECURITY] Fedora 19 Update: kubrick-4.10.4-1.fc19

Kubrick is a puzzle cube solving game. The cube sizes range from 2x2x2 easy up to 6x6x6 very hard, or you can play with irregular “bricks” such as 5x3x2 and “mats” one cubie thick such as 6x4x1. The game has a selection of puzzles at several levels of difficulty, ...

CVSS: 8.4, AI score: 1.3, EPSS: 0.00119
Exploits: 1

ICS
added 2013/05/08 6:0 a.m., 59 views

Schneider Electric Vijeo Citect, CitectSCADA, PowerLogic SCADA Vulnerability

Overview Schneider Electric has identified an XML external entity vulnerability in Vijeo Citect, CitectSCADA, and PowerLogic SCADA applications. Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies reported the vulnerability directly to Schneider Electric. Schneider Electric has...

CVSS: 6.9, AI score: 6.7, EPSS: 0.00149
Exploits: 0, References: 10

ThreatPost
added 2013/03/28 7:43 p.m., 5 views

Cybercriminals Use Evernote as C&C

At least one group of cybercriminals has taken to Evernote, the popular cloud-based note-taking and data-sharing service, as a base of operations for a data stealing Trojan, according to TrendMicro threat response engineer Nikko Tamana. TrendMicro detected the threat as “BKDRVERNOT.A” and observe...

AI score: 0.6
Exploits: 0, References: 5

ICS
added 2013/02/21 12:0 a.m., 68 views

Wonderware Intelligence Tableau Server Ruby on Rails Improper Input Validation (Update A)

Overview This updated advisory was originally posted to the US-CERT secure Portal library on February 5, 2013, and is now being released to the ICS-CERT Web page. Mitigation details for multiple vulnerabilities that impact third-party software integrated into the Invensys Wonderware Intelligence...

CVSS: 7.5, AI score: 0.4, EPSS: 0.91907
Exploits: 22, References: 26

ThreatPost
added 2012/11/12 3:18 p.m., 8 views

Ignore Supply Chain Security and Risk Management at Your Peril

No CFO thinks that his signature approving a purchase order for a new five-figure piece of hardware could ultimately cost his company seven-figures, or maybe force them to shut their doors forever. But that’s the reality many companies need to face when it comes to supply chain security and risk...

AI score: 7
Exploits: 0, References: 1

ICS
added 2012/11/04 6:0 a.m., 34 views

GE Intelligent Platforms Proficy Real-Time Information Portal Directory Traversal

Overview ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative ZDI. If exploited, this vulnerability could allow an attacker to create or overwrite a file on the system running Real-Time Information Portal. concerning a directory traversal vulnerability in the GE...

CVSS: 6.4, AI score: 6.5, EPSS: 0.00442
Exploits: 0, References: 10