Lucene search

5463 matches found

Malwarebytes
added 2018/10/24 3:0 p.m., 76 views

Mac malware intercepts encrypted web traffic for ad injection

Last week, Malwarebytes researcher Adam Thomas found an interesting new piece of Mac malware that exhibits some troubling behaviors, including intercepting encrypted web traffic to inject ads. Let's take a closer look at this adware, which Malwarebytes for Mac detects as OSX.SearchAwesome, to see...

0.1 AI score
Exploits: 0

OSV
added 2018/10/18 12:47 p.m., 7 views

SUSE-SU-2018:1855-2 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5848: In the function wmi_set_ie, the length validation code did not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len...

7.8 CVSS, 8.1 AI score, 0.02128 EPSS
Exploits: 3, References: 44

CNVD
added 2018/10/18 12:0 a.m., 2 views

Webshell Bypass Vulnerability in Web Security Dog (IIS Edition) V4.0

Website Security Dog IIS Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features for comprehensive website security. Webshell bypass vulnerability exists in Web Security Dog IIS Edition V4.0. An attacker can...

7 AI score
Exploits: 0

Wired Threat Level
added 2018/10/17 1:0 p.m., 29 views

Helm Wants You to Control Your Own Data Again

Helm hopes to make running your own private, encrypted server easy for everyone...

1.9 AI score
Exploits: 0

CNVD
added 2018/10/17 12:0 a.m., 3 views

Ivanti Workspace Control and RES One Workspace Information Disclosure Vulnerability

Ivanti Workspace Control (formerly known as RES One Workspace) is a set of workspace control software from the American company Ivanti. The software includes features such as user management, application management and report management. A security vulnerability exists in Ivanti Workspace Control...

7.8 CVSS, 7.5 AI score, 0.01035 EPSS
Exploits: 0, References: 1

OSV
added 2018/10/15 4:29 p.m., 5 views

CVE-2018-15593

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector...

7.8 CVSS, 5.8 AI score, 0.01035 EPSS
Exploits: 0, References: 5

NVD
added 2018/10/15 4:29 p.m., 20 views

CVE-2018-15593

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector...

7.8 CVSS, 7.6 AI score, 0.01035 EPSS
Exploits: 0, References: 5

Prion
added 2018/10/15 4:29 p.m., 11 views

Design/Logic Flaw

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector...

2.1 CVSS, 7.6 AI score, 0.01035 EPSS
Exploits: 0, References: 5, Affected Software: 1

Fedora
added 2018/10/14 11:31 p.m., 26 views

[SECURITY] Fedora 27 Update: python-paramiko-2.3.3-1.fc27

Paramiko (a combination of the Esperanto words for "paranoid" and "friend") is a module for python 2.3 or greater that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), the SSH2 protocol does not require hierarchical certificat...

9.8 CVSS, 1.7 AI score, 0.27065 EPSS
Exploits: 10

Fedora
added 2018/10/12 8:17 p.m., 18 views

[SECURITY] Fedora 28 Update: dislocker-0.7.1-10.fc28

Dislocker has been designed to read BitLocker encrypted partitions ("drives") under a Linux system. The driver has the capability to read/write partitions encrypted using Microsoft Windows Vista, 7, 8, 8.1 and 10 AES-CBC, AES-XTS, 128 or 256 bits, with or without the Elephant diffuser, encrypted...

5.9 CVSS, 1.3 AI score, 0.02674 EPSS
Exploits: 0

Prion
added 2018/10/09 9:29 a.m., 12 views

Design/Logic Flaw

An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remote Parking Pilot, unlock the vehicle, or obtain sensitive information such as...

5 CVSS, 7.4 AI score, 0.01409 EPSS
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2018/10/09 9:29 a.m., 4 views

CVE-2018-18071

An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remote Parking Pilot, unlock the vehicle, or obtain sensitive information such as...

7.5 CVSS, 5.8 AI score, 0.01409 EPSS
Exploits: 1, References: 2

NVD
added 2018/10/09 9:29 a.m., 24 views

CVE-2018-18071

An issue was discovered in the Daimler Mercedes-Benz Me app 2.11.0-846 for iOS. The encrypted Connected Vehicle API data exchange between the app and a server might be intercepted. The app can be used to operate the Remote Parking Pilot, unlock the vehicle, or obtain sensitive information such as...

7.5 CVSS, 7.5 AI score, 0.01409 EPSS
Exploits: 1, References: 2

CVE
added 2018/10/09 9:0 a.m., 47 views

CVE-2018-18071

The CVE concerns Daimler Mercedes-Benz Me app for iOS (version 2.11.0-846). The issue is the encrypted Connected Vehicle API data exchange between the app and its server, which could be intercepted. This could allow misuse of the Remote Parking Pilot, vehicle unlocks, or access to sensitive data ...

7.5 CVSS, 7.4 AI score, 0.01409 EPSS
Exploits: 1, References: 2, Affected Software: 1

RedHat Linux
added 2018/10/02 7:1 p.m., 3 views

openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host

OpenStack Nova has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova installations supporting...

7.8 CVSS, 7.3 AI score, 0.03755 EPSS
Exploits: 1, References: 4

RedHat Linux
added 2018/10/02 7:1 p.m., 119 views

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

7.8 CVSS, 6.8 AI score, 0.03755 EPSS
Exploits: 1, References: 4

Microsoft KB
added 2018/09/27 12:0 a.m., 3 views

October 27, 2016 — KB3197954 (OS Build 14393.351)

October 27, 2016 — KB3197954 OS Build 14393.351 This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Start, File Explorer, action center, graphics, and the Windows kernel...

6.8 AI score
Exploits: 0

The Hacker News
added 2018/09/25 3:9 p.m., 2 views

SHEIN-Fashion Shopping Site Suffers Data Breach Affecting 6.5 Million Users

U.S. online fashion retailer SHEIN has admitted that the company has suffered a significant data breach after unknown hackers stole personally identifiable information (PII) of almost 6.5 million customers. Based in North Brunswick and founded in 2008, SHEIN has become one of the largest online...

6.8 AI score
Exploits: 0

Kitploit
added 2018/09/23 9:9 p.m., 107 views

Vboxdie-Cracker - VirtualBox Disk Image Encryption Password Cracker

Virtual Box Disk Image Encryption password cracker. Requirements: 1. PHP = 5.5.0 2. OpenSSL = 1.0.1 (XTS support). Algorithm description: User password is stored using a combination of PBKDF2 and AES-XTS as following (shown values are fixed at the moment, but they can be controlled inside the file forma...

7.4 AI score
Exploits: 0, References: 1

Metasploit
added 2018/09/20 3:15 a.m., 42 views

Dolibarr Gather Credentials via SQL Injection

This module enables an authenticated user to collect the usernames and encrypted passwords of other users in the Dolibarr ERP/CRM via SQL injection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModu...

9.8 CVSS, 0.8 AI score, 0.71242 EPSS
Exploits: 10