5459 matches found

Veracode
added 2017/12/27 10:45 p.m., 13 views

Elevation Of Privileges

passport-wsfed-saml2 is vulnerable to elevation of privileges. When a SAML identity provider doesn't sign the entire SAML response, attackers can change the NameIdentifier to login as a different user. The attacker needs either be able to intercept encrypted traffic and modify SAML responses on t...

CVSS 8.1 | AI score 7.8 | EPSS 0.01378
Exploits 0 | References 1 | Affected Software 1
NVD
added 2017/12/27 5:08 p.m., 26 views

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

CVSS 6.5 | AI score 6.3 | EPSS 0.01353
Exploits 0 | References 5
UbuntuCve
added 2017/12/27 5:08 p.m., 31 views

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

CVSS 6.5 | AI score 6.9 | EPSS 0.01353
Exploits 0 | References 5
ATTACKERKB
added 2017/12/27 5:08 p.m., 5 views

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

CVSS 6.5 | AI score 5.7 | EPSS 0.01353
Exploits 0 | References 7
Prion
added 2017/12/27 5:08 p.m., 16 views

Design/Logic Flaw

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

CVSS 4.3 | AI score 6.5 | EPSS 0.01353
Exploits 0 | References 5 | Affected Software 2
Cvelist
added 2017/12/22 11:00 p.m., 27 views

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

AI score 6.8 | EPSS 0.01353
Exploits 0 | References 5
OPENSUSE Linux
added 2017/12/22 9:18 p.m., 178 views

Security update for enigmail (important)

This update for enigmail to version 1.9.9 fixes the following issues (boo1073858): Enigmail could be coerced to use a malicious PGP public key with a corresponding secret key controlled by an attacker; Enigmail could have replayed encrypted content in partially encrypted e-mails, allowing a plaintex...

AI score 2.6
Exploits 0 | References 1
Securelist
added 2017/12/19 10:00 a.m., 14 views

Travle aka PYLOT backdoor hits Russian-speaking targets

At the end of September, Palo Alto released a report on Unit42 activity where they, among other things, talked about PYLOT malware. We have been detecting attacks that have employed the use of this backdoor since at least 2015 and refer to it as Travle. Coincidentally, KL was recently involved ...

AI score 7.3
Exploits 0
Malwarebytes
added 2017/12/18 6:45 p.m., 10 views

A week in security (December 11 – December 17)

Last week we explained what fast flux is and how it's being abused, we showed you all kinds of Bitcoin-related scams, presented a video recording of a tech support scammer trying to sell free software, and pointed out some free software to keep an eye on your Internet traffic. We also informed yo...

AI score 6.8
Exploits 0
NVD
added 2017/12/16 2:29 a.m., 20 views

CVE-2017-14090

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted...

CVSS 9.1 | AI score 9.2 | EPSS 0.0134
Exploits 1 | References 2
CNVD
added 2017/12/15 12:00 a.m., 3 views

Citrix NetScaler Application Delivery Controller and NetScaler Gateway Information Disclosure Vulnerability

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly known as Citrix Access Gateway Enterprise Edition) are both products of Citrix Systems. NetScaler ADC is a service and application delivery solution (Application Delivery Controller); NetScaler Gateway is a secure...

CVSS 5.9 | AI score 6.3 | EPSS 0.13817
Exploits 0 | References 1
Fedora
added 2017/12/10 5:10 a.m., 47 views

[SECURITY] Fedora 27 Update: openssh-7.6p1-2.fc27

SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVSS 5.3 | AI score 2 | EPSS 0.03359
Exploits 0
Prion
added 2017/12/01 5:29 p.m., 17 views

Design/Logic Flaw

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for...

CVSS 6 | AI score 6.4 | EPSS 0.00359
Exploits 1 | References 5 | Affected Software 1
OSV
added 2017/12/01 5:29 p.m., 2 views

CVE-2017-6679

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for...

CVSS 6.4 | AI score 5.8 | EPSS 0.00359
Exploits 1 | References 5
CNVD
added 2017/11/25 12:00 a.m., 4 views

Python package pysaml2 information disclosure vulnerability

The Python package pysaml2 is a Python-based implementation of the SAML protocol for exchanging authentication and authorization data between security domains. An information disclosure vulnerability exists in Python package pysaml2 4.4.0 and earlier. An attacker can exploit this vulnerability to...

CVSS 5.3 | AI score 6.5 | EPSS 0.00905
Exploits 0 | References 1
HackRead
added 2017/11/24 10:17 p.m., 69 views

“ProtonMail Contacts” world’s first encrypted contacts manager is here

By Waqas. The world-renowned encrypted email service provider ProtonMail is back in the ... This is a post from HackRead.com. Read the original post: ProtonMail Contacts world's first encrypted contacts manager is here...

AI score 6.9
Exploits 0
CVE
added 2017/11/22 7:00 p.m., 184 views

CVE-2017-2720

The CVE-2017-2720 issue affects Huawei FusionSphere OpenStack V100R006C00, where an information-exposure vulnerability stems from a hard-coded cryptographic key used to encrypt inter-component messages. This design flaw can increase the risk of encrypted data being recovered. Huawei’s Security Ad...

CVSS 5.3 | AI score 5.1 | EPSS 0.0071
Exploits 0 | References 1 | Affected Software 1
RedHat Linux
added 2017/11/16 7:27 p.m., 1 view

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...

CVSS 7.5 | AI score 6.8 | EPSS 0.95707
Exploits 7 | References 7
Prion
added 2017/11/16 3:29 p.m., 9 views

Input validation

SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes...

CVSS 2.1 | AI score 4.6 | EPSS 0.00419
Exploits 0 | References 1 | Affected Software 1
ICS
added 2017/11/14 12:00 a.m., 96 views

ABB TropOS (Update A)

CVSS v3 6.8. Vendor: ABB. Equipment: TropOS. Vulnerabilities: Security Features. UPDATE INFORMATION: This updated advisory is a follow-up to the original advisory titled ICSA-17-318-02 ABB TropOS that was published November 14, 2017, on the NCCIC/ICS-CERT website. AFFECTED PRODUCTS: ABB reports that th...

CVSS 8.1 | AI score 7.8 | EPSS 0.04575
Exploits 1 | References 3