164 matches found
U.S. Dept Of Defense: Subdomain takeover due to an unclaimed Amazon S3 bucket on ███
Summary: An unclaimed Amazon S3 bucket on █████████ gives an attacker the possibility to gain full control over this subdomain. Description: ███████ pointed to an S3 bucket that did no longer exists. The bucket points to an Amazon S3 website bucket in the US East region. I claimed this bucket and...
CISA: Nation-State Attackers Likely to Take Aim at Palo Alto Networks Bug
The U.S. Cybersecurity and Infrastructure Security Agency CISA is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication. The...
U.S. Dept Of Defense: Stored XSS on ████████helpdesk
A Department of DefenseDoD asset was vulnerable to Stored XSS due to a file upload feature. This may have led to Local File Inclusion. The DoD Representatives were responsive and thorough when handling my report. A Department of DefenseDoD asset was vulnerable to Stored XSS due to a file upload...
U.S. Dept Of Defense: Sensitive information about a ██████
Summary: https://████████/ is an U.S. Government USG Information System IS that is provided for USG-authorized use only.Due to some reason a document which contains the information about a special ███ for the ████ █████ which possibly is ███████or █████.The pdf file is located at...
U.S. Dept Of Defense: Information Disclosure(PHPINFO/Credentials) on DoD Asset
Summary: A DoD leaks credentials on a phpinfo page. Description: https://███ publicly displays a phpinfo page that leaks system information and credentials. Impact The impact is medium not only due to information leakage of numerous different details such as system information but also the leakag...
U.S. Dept Of Defense: RCE (Remote code execution) in one of DoD's websites
Summary: The targeted website is vulnerable to CVE-2017-1000486, by only running command was whoami to prove that the RCE exist has been run successfully on the target Description: The target uses a vulnerable version of primefaces : Primetek Primefaces 5.x, that is vulnerable to a weak encryptio...
The DoD Isn't Fixing Its Security Problems
It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them: GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals. In a majority of cases, DoD has not completed the cybersecurity training and...
Clearing the clouds: Comparing CMMC to other frameworks
These days, I spend a lot of time talking to our cloud-based clients about Cybersecurity Maturity Model Certification CMMC: what it is, why its important, and how they can prepare. As one of the leading cybersecurity consulting firms and third-party assessment organizations 3PAO, Coalfires client...
U.S. Dept Of Defense: Sensitive Information Leaking Through DoD Owned Website. [██████████]
Summary While performing recon work on websites owned by DoD i came up with ██████████ website which is leaking sensitive information. Description The above website is leaking information such as- first name and last name, email address, phone number, house address and organization name of...
U.S. Dept Of Defense: Admin Login Credential Leak for DoD Gitlab EE instance
Summary A DoD employee/contractor exposed the ███ password in a GitHub repository █████████ leading to full ███ access in a DoD DISA-associated private Gitlab EE instance ███. Description The IP address ████ recently hosted the subdomain █████████ as of 2019-09-23. ██████ Now port 80 points to a...
U.S. Dept Of Defense: [Critical] Insufficient Access Control On Registration Page of Webapps Website Allows Privilege Escalation to Administrator
Summary: Hello. Due to insufficient access controls and poor implementation of the registration at https://████████/████/login.cfm it was possible to register while privilege escalating to an administrator. Description: It was possible to tamper with the registration request at...
Telos Automated Message Handling System contains multiple vulnerabilities
Overview Telos Automated Message Handling System AMHS contains multiple XSS vulnerabilities and a database information disclosure vulnerability. Description Telos AMHS is a web-based messaging system that supports DoD and Intelligence Community IC security marking requirements. AMHS versions prio...
CVE-2011-3596
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request...
CVE-2011-3596
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request...
CVE-2011-3596
Removed by vendor...
CVE-2011-3596
Polipo is affected: versions prior to 1.0.4.1 suffer a DoD vulnerability triggered by specially-crafted HTTP POST/PUT requests. The available connected sources reiterate the issue but do not provide product-specific exploit details beyond the general impact described. Remediation/version guidance...
North Korean Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the...
U.S. Dept Of Defense: Remote Code Execution in ██████
The vulnerability you reported has been resolved and this report is now closed. If you have any further questions or disagree that the report is resolved, please let us know. Thank you for your time and effort to improve the security of the DoD information network. Thanks @s3cr3tsdn for reporting...
What Is the DoD’s New Cybersecurity Maturity Model Certification, and What Does It Mean for Defense Contractors?
Citing the threat of compromise of Controlled Unclassified Information CUI within the defense industrial base DIB, along with the high cost of cyber breaches in general, the Office of the Assistant Secretary of Defense for Acquisition has initiated a program for rating the cybersecurity maturity ...
U.S. Dept Of Defense: Unauth IDOR to mass account takeover without user interaction on the ███████ (https://███████.edu/)
The vulnerability discovered was an Insecure Direct Object Reference IDOR that allowed for mass account takeover without user interaction on the ███████ https://███████.edu/ website. The vulnerability was found in the /chkUser.aspx endpoint, which was vulnerable to IDOR. The numeric user ID...