Cisco’s new tool will detect malware in encrypted traffic

By Waqas On January 10, Cisco’s officially released its software platform Encrypted This is a post from HackRead.com Read the original post: Ciscos new tool will detect malware in encrypted traffic...

Hoermann BiSecur Device Key Acquisition Vulnerability

Hoermann BiSecur devices is a security door remote control device from Hoermann Germany. A security vulnerability exists in Hoermann BiSecur devices prior to version 2018. An attacker could exploit the vulnerability by recording a single radio broadcast to intercept radio frames between the BiSec...

CVE-2017-17704

A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM Ethernet Door Module. The communications between the IP-ACM and the iStar Ultra is encrypted using a fixed AES key and IV. Each message is encrypted in CBC mode...

HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions Vulnerability

HP Insight Control for VMware vCenter Server version 7.3 allows a low privileged attacker to read sensitive information files, decrypt all configuration server passwords, and gain access to the systems which in turn leads to the compromise of the whole infrastructure. / Exploit Title: HP Insight...

Elevation Of Privileges

passport-wsfed-saml2 is vulnerable to elevation of privileges. When a SAML identity provider doesn't sign the entire SAML response, attackers can change the NameIdentifier to login as a different user. The attacker needs either be able to intercept encrypted traffic and modify SAML responses on t...

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

Design/Logic Flaw

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

CVE-2017-17844

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content by sending an encrypted data block that the attacker cannot directly decrypt to a victim, and relying on the victim to automatically decrypt that block and then send it back to the attacker as quoted...

Security update for enigmail (important)

This update for enigmail to version 1.9.9 fixes the following issues boo1073858: Enigmail could be coerced to use a malicious PGP public key with a corresponding secret key controlled by an attacker Enigmail could have replayed encrypted content in partially encrypted e-mails, allowing a plaintex...

Travle aka PYLOT backdoor hits Russian-speaking targets

At the end of September, Palo Alto released a report on Unit42 activity where they - among other things – talked about PYLOT malware. We have been detecting attacks that have employed the use of this backdoor since at least 2015 and refer to it as Travle. Coincidentally, KL was recently involved ...

A week in security (December 11 – December 17)

Last week we explained what fast flux is and how it's being abused, we showed you all kinds of Bitcoin-related scams, presented a video recording of a tech support scammer trying to sell free software, and pointed out some free software to keep an eye on your Internet traffic. We also informed yo...

CVE-2017-14090

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted...

Citrix NetScaler Application Delivery Controller and NetScaler Gateway Information Disclosure Vulnerability

Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway formerly known as Citrix Access Gateway Enterprise Edition are both products of Citrix Systems. NetScaler ADC is a service and application delivery solution Application Delivery Controller; NetScaler Gateway is a secure...

[SECURITY] Fedora 27 Update: openssh-7.6p1-2.fc27

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVE-2017-6679

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel SSH which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for...

Design/Logic Flaw

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel SSH which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for...

Python package pysaml2 information disclosure vulnerability

The Python package pysaml2 is a Python based implementation of the SAML protocol for exchanging authentication and authorization data between security domains. An information disclosure vulnerability exists in Python package pysaml2 4.4.0 and earlier. An attacker can exploit this vulnerability to...

“ProtonMail Contacts” world’s first encrypted contacts manager is here

By Waqas The world-renowned encrypted email service provider ProtonMail is back in the This is a post from HackRead.com Read the original post: ProtonMail Contacts worlds first encrypted contacts manager is here...