Veracode
added 2018/11/14 8:42 a.m., 21 views

Local File Inclusion

php-proxy-app is vulnerable to local file inclusion. The vulnerability exists because it uses a default appkey, allowing an attacker to generate an encrypted string and gain unauthorized access to arbitrary local files on the server...

CVSS 7.5 | AI score 7.2 | EPSS 0.22515
Exploits 5 | References 3 | Affected Software 1

Tenable Nessus
added 2018/11/13 12:00 a.m., 191 views

KB4465664 BitLocker Security Feature Bypass Vulnerability

The remote Windows host is missing security update 4465664. It is, therefore, affected by multiple vulnerabilities: - A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system could exploi...

CVSS 4.6 | AI score 6.2 | EPSS 0.01021
Exploits 0 | References 2

Malwarebytes
added 2018/11/12 5:17 p.m., 125 views

A week in security (November 5 – 11)

Last week on Malwarebytes Labs, we looked at browser lockers that fly under the radar with complete obfuscation, transport and logistics in our series about compromising vital infrastructure, Google logins now requiring JavaScript, how to create a sticky cybersecurity training program, and an...

CVSS 10 | AI score 8.9 | EPSS 0.9995
Exploits 11

0day.today
added 2018/11/08 12:00 a.m., 410 views

Cradlepoint Router Password Disclosure Vulnerability

Exploit for hardware platform in category web applications. Cradlepoint Router Password Disclosure. Many vulnerabilities in the built-in software of the Cradlepoint Router. 100000 such routers can be seen in Shodan: https://www.shodan.io/search?query=cradlepointhttpservice. These vulnerabilities...

Exploits 0

Tenable Nessus
added 2018/11/08 12:00 a.m., 28 views

Oracle Linux 7 : python-paramiko (ELSA-2018-3347)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3347 advisory. 2.1.1-9 - Fix a security flaw CVE-2018-1000805 in Paramiko's server mode; does not affect client mode. Backported from 2.1.6. Resolves rhbz1637366. Tenable has...

CVSS 8.8 | AI score 8 | EPSS 0.04407
Exploits 0 | References 2

Prion
added 2018/11/07 6:29 p.m., 14 views

Hardcoded credentials

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9Q password in some case...

CVSS 5 | AI score 7.7 | EPSS 0.01582
Exploits 1 | References 1 | Affected Software 4

Prion
added 2018/11/07 6:29 p.m., 14 views

Hardcoded credentials

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift password in some cases...

CVSS 5 | AI score 7.7 | EPSS 0.01582
Exploits 1 | References 1 | Affected Software 4

Schneier on Security
added 2018/11/07 12:39 p.m., 30 views

Consumer Reports Reviews Wireless Home-Security Cameras

Consumer Reports is starting to evaluate the security of IoT devices. As part of that, it's reviewing wireless home-security cameras. It found significant security vulnerabilities in D-Link cameras: In contrast, D-Link doesn't store video from the DCS-2630L in the cloud. Instead, the camera has i...

AI score 0.3
Exploits 0

RedHat Linux
added 2018/11/06 3:35 p.m., 607 views

Moderate: Red Hat Security Advisory: 389-ds-base security and bug fix update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS 7.8 | AI score 7 | EPSS 0.06238
Exploits 0 | References 3

Cent OS
added 2018/11/05 6:49 p.m., 543 views

python security update

CentOS Errata and Security Advisory CESA-2018:3406 An update for python-paramiko is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red H...

CVSS 8.8 | AI score 7.3 | EPSS 0.04407
Exploits 0 | References 7

The Hacker News
added 2018/11/04 9:24 a.m., 771 views

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading...

CVSS 4.7 | AI score 6.3 | EPSS 0.03418
Exploits 4

BDU FSTEC
added 2018/11/01 12:00 a.m., 4 views

The vulnerability of the FortiOS operating system’s SSL-VPN implementation, caused by errors in processing input data, allows a hacker to replace encrypted traffic with malicious data.

The vulnerability of the SSL-VPN implementation in the FortiOS operating system arises due to errors in processing input data. Exploiting this vulnerability allows a malicious actor to replace encrypted traffic using a specially generated MAC...

CVSS 5.3 | AI score 5.5 | EPSS 0.02071
Exploits 0 | References 3 | Affected Software 1

Fedora
added 2018/10/30 5:44 p.m., 34 views

[SECURITY] Fedora 29 Update: python-paramiko-2.4.2-1.fc29

Paramiko (a combination of the Esperanto words for "paranoid" and "friend") is a module for Python 2.3 or greater that implements the SSH2 protocol for secure encrypted and authenticated connections to remote machines. Unlike SSL (aka TLS), the SSH2 protocol does not require hierarchical certificat...

CVSS 8.8 | AI score 1.7 | EPSS 0.04407
Exploits 0

The Hacker News
added 2018/10/30 8:18 a.m., 2 views

Signal Secure Messaging App Now Encrypts Sender's Identity As Well

Signal, the popular end-to-end encrypted messaging app, is planning to roll out a new feature that aims to hide the sender's identity from potential attackers trying to intercept the communication. Although messages sent via secure messaging services, like Signal, WhatsApp, and Telegram, are full...

AI score 6.5
Exploits 0

Pen Test Partners Blog
added 2018/10/26 10:12 a.m., 218 views

Cisco device config dumping

Quick guide to recovering configs from Cisco switches and routers. We have recently done work in situations where recovering the Cisco config from one device (e.g. an edge switch) can give us useful information. This includes: VLANs (even VLANs that are not used on that piece of equipment); which...

AI score 7
Exploits 0

Malwarebytes
added 2018/10/24 3:00 p.m., 76 views

Mac malware intercepts encrypted web traffic for ad injection

Last week, Malwarebytes researcher Adam Thomas found an interesting new piece of Mac malware that exhibits some troubling behaviors, including intercepting encrypted web traffic to inject ads. Let's take a closer look at this adware, which Malwarebytes for Mac detects as OSX.SearchAwesome, to see...

AI score 0.1
Exploits 0

OSV
added 2018/10/18 12:47 p.m., 7 views

SUSE-SU-2018:1855-2 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2018-5848: In the function wmisetie, the length validation code did not handle unsigned integer overflow properly. As a result, a large value of the 'ielen...

CVSS 7.8 | AI score 8.1 | EPSS 0.02128
Exploits 3 | References 44

CNVD
added 2018/10/18 12:00 a.m., 2 views

Webshell Bypass Vulnerability in Web Security Dog (IIS Edition) V4.0

Website Security Dog IIS Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features for comprehensive website security. Webshell bypass vulnerability exists in Web Security Dog IIS Edition V4.0. An attacker can...

AI score 7
Exploits 0

Wired Threat Level
added 2018/10/17 1:00 p.m., 29 views

Helm Wants You to Control Your Own Data Again

Helm hopes to make running your own private, encrypted server easy for everyone...

AI score 1.9
Exploits 0

CNVD
added 2018/10/17 12:00 a.m., 3 views

Ivanti Workspace Control and RES One Workspace Information Disclosure Vulnerability

Ivanti Workspace Control (formerly known as RES One Workspace) is a set of workspace control software from the American company Ivanti. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control...

CVSS 7.8 | AI score 7.5 | EPSS 0.01035
Exploits 0 | References 1