Build Your Own Botnet: BYOB

BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the sophisticated malware that infects millions of devices every year and spawns modern botnets, in order to improve their ability ...

PT-2018-10495 · Intuit · Intuit Lacerte

Name of the Vulnerable Software and Affected Versions: Intuit Lacerte version 2017 Intuit Lacerte versions prior to 2017 Description: The software transfers the entire customer list in cleartext over SMB, allowing attackers to obtain sensitive information by sniffing the network or conduct...

PT-2018-12614 · Thomson Reuters · Thomson Reuters Ultratax Cs

Name of the Vulnerable Software and Affected Versions: Thomson Reuters UltraTax CS version 2017 Description: The software has a password protection option, but the level of protection may not meet some customers' expectations because the data is stored in cleartext. Customer data is stored in...

Google Starts Labeling All HTTP Sites as ‘Not Secure’

Websites that insist on sticking with HTTP will have a public relations issue on their hands, beginning today: All of them, without exception, will be labeled as insecure by Google Chrome from now on. Anyone using the Chrome web browser will be served up a warning message anytime they surf to an...

Microsoft Windows: Digitally encrypt secure channel data (when possible)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: windomainsealsecurechannel.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Domain member: Digitally encrypt secure channel data when possible Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks Gmb...

Microsoft Windows: Digitally encrypt or sign secure channel data (always)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: windomainrequiresignseal.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Domain member: Digitally encrypt or sign secure channel data always Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH...

iOSRestrictionBruteForce v2.1.0 - Crack iOS Restriction Passcodes With Python

This version of the application is written in Python, which is used to crack the restriction passcode of an iPhone/iPad takes advantage of a flaw in unencrypted backups allowing the hash and salt to be discovered. DEPENDENCIES This has been tested with Python 2.7 and Python 3.6 Requires Passlib...

CVE-2018-8849

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programme and 8870 N'Vision removable Application Card do not encrypt PII and PHI while at rest...

CVE-2018-8849

CVE-2018-8849 affects Medtronic N’Vision Clinician Programmer 8840 (all versions) and 8870 removable Application Card (all versions). root cause: missing encryption of PII/PHI at rest, enabling potential exposure of sensitive patient data if physical access is gained. ICS-CERT Update A confirms v...

CVE-2018-8849 Medtronic N'Vision Clinician Programmer Missing Encryption of Sensitive Data

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programme and 8870 N'Vision removable Application Card do not encrypt PII and PHI while at rest...

OPENSUSE-SU-2018:1329-1 Security update for enigmail

This update for enigmail to version 2.0.4 fixes multiple issues. Security issues fixed: - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget...

HTTPS: why the green padlock is not enough

When goods get sold in large quantities, the price goes down. This might not be the first law of economics, but it’s applicable. An extrapolation of this is that if there are practically no production costs and no raw materials involved, prices of such goods will drop to zero. Usually, they will ...

Microsoft Office: Encrypt document properties

This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013encryptdocumentproperties.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Encrypt document properties Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This...

Internet Bug Bounty: Silent omission of certificate hostname verification in LibreSSL and BoringSSL

Abstract LibreSSL and BoringSSL implemented X509VERIFYPARAMset1host differently than OpenSSL. All applications that use the preferred and documented way to configure a TLS connection for hostname validation, silently neglect to perform hostname validation at all. As a consequence, they are...

Internet Bug Bounty: ACME TLS-SNI-01/02 challenge vulnerable when combined with shared hosting providers

The ACME TLS-SNI-01 and TLS-SNI-02 specification assumed wrong in terms of how current major cloud providers routed and validated domains. This was reported earlier this week to Let's Encrypt, and they decided to disable the method. Today Let's Encrypt decided to sunset both TLS-SNI-01 and...

Phishers Are Upping Their Game. So Should You.

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted http:// vs. https:// Web pages. Increasingly, however, phishers are upping their game, polishing their copy and...

Good News from Singapore

The IETF had its 100th meeting the week of November 13. It was held in Singapore. I want to report on two pieces of good news. The first is that it seems like TLS 1.3 is ready to advance through the IETF process. As I wrote last month, the problem was that outdated or buggy network devices betwee...

Bucket Stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs

Find interestingAmazon S3 Buckets by watching certificate transparency logs. This tool simply listens to various certificate transparency logs via certstream and attempts to find public S3 buckets from permutations of the certificates domain name. Some quick tips if you use S3 buckets: 1. Randomi...

CVE-2017-15272

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...

CVE-2017-15272

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...