5472 matches found
The Hidden Bee infection chain, part 1: the stegano pack
About a year ago, we described the Hidden Bee miner delivered by the Underminer Exploit Kit. Hidden Bee has a complex and multi-layered internal structure that is unusual among cybercrime toolkits, making it an interesting phenomenon on the threat landscape. That's why we're dedicating a series o...
CVE-2019-9506
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks aka "KNOB" that can decrypt traffic and inject arbitrary...
CVE-2019-12806
UniSign 2.0.4.0 and earlier version contains a stack-based buffer overflow vulnerability which can overwrite the stack with arbitrary data, due to a buffer overflow in a library. That leads remote attacker to execute arbitrary code via crafted https packets...
Amazon Linux 2 : 389-ds-base (ALAS-2019-1262)
It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all workers, resulting in a denial of service. CVE-2019-3883 C Tenab...
Supply-Chain Attack against the Electron Development Platform
Electron is a cross-platform development system for many popular communications apps, including Skype, Slack, and WhatsApp. Security vulnerabilities in the update system allows someone to silently inject malicious code into applications. From a news article: At the BSides LV security conference o...
UPDATE: SILENTTRINITY v0.3.0
PenTestIT RSS Feed Just yesterday, I wrote about this open source post-exploitation C2 framework and a new release is already available. The post was titled - List of Open Source C2 Post-Exploitation Frameworks. We now have SILENTTRINITY v0.3.0 amongst us, which was in the works for a long time!...
Medium: 389-ds-base
Issue Overview: 1693612: 389-ds-base: DoS via hanging secured connections It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to...
Medium: 389-ds-base
Issue Overview: It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all workers, resulting in a denial of service...
DEBIAN-CVE-2019-14664
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended...
CVE-2019-14664
The CVE affects Enigmail before 2.1. An attacker with access to PGP-encrypted emails can wrap the ciphertext into sub-parts of a crafted multipart message. The attacker may hide encrypted parts using HTML/CSS or ASCII newlines and resubmit the message; when the recipient replies, plaintext of the...
CVE-2019-10363
Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form...
Design/Logic Flaw
Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form...
CB TAU Threat Intelligence Notification – MegaCortex Ransomware
MegaCortex is a unique form of ransomware that was initially discovered earlier this year. It proved to be a very complex form of malware that required additional steps of operation that were only recoverable during incident responses. Since then, MegaCortex has been updated to become more generi...
CVE-2019-10363
Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form...
PT-2019-11759 · Jenkins · Jenkins Configuration As Code Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Configuration as Code Plugin versions 1.24 and earlier Description: The issue concerns the Jenkins Configuration as Code Plugin, which did not reliably identify sensitive values expected to be exported in their encrypted form...
389-ds-base: DoS via hanging secured connections
It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all workers, resulting in a denial of service...
Ransomware Attack Caused Power Outages in the Biggest South African City
Yesterday, some residents of Johannesburg, the largest city in South Africa, were left without electricity after the city's power company got attacked by a ransomware virus. City Power, the company responsible for powering South Africa's financial capital Johannesburg, confirmed Thursday on Twitt...
PT-2019-6349 · 3S Smart · Codesys Control Rte V3 +12
Name of the Vulnerable Software and Affected Versions: 3S-Smart CODESYS V3 products versions containing the CmpUserMgr component CODESYS Control for BeagleBone versions containing the CmpUserMgr component CODESYS Control for emPC-A/iMX6 versions containing the CmpUserMgr component CODESYS Control...
PT-2019-11747 · Jenkins · Jenkins Gogs Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Gogs Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted form in job config.xml files on the Jenkins master or controller. These credentials can be accessed by users with...
MGASA-2019-0207 Updated microcode package fixes security vulnerability
Secure Encrypted Virtualization SEV on Advanced Micro DevicesAMD Platform Security Processor PSP; aka AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation. This update provides Amd SEV Firmware to 0.17 build 22 CVE-2019-9836. It also updates the...