58 matches found
Guinea Pig and Vulnerability Management products
IMHO, security vendors use the term "Vulnerability Management" extremely inaccurate. Like a guinea pig, which is not a pig and is not related to Guinea, the current Vulnerability Management products are not about the actual practically exploitable vulnerabilities and not really about the...
PRYTEK meetup: Breach and Attack Simulation or Automated Pentest?
Last Tuesday, November 27, I spoke at "Business Asks for Cyber Attacks" meetup organized by PRYTEK investment platform. The event was held at the PRYTEK Moscow office in a beautiful XIX century building of a former textile manufactory. The goal of the meetup was to talk about new approaches in...
SUSE-SU-2018:2539-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-15572: The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attacker...
‘Chaff Bug’ Defense Rolls Out Shiny Objects for Attackers to Find
Camouflage and distraction have long been hallmarks of warfare, and it’s no different when it comes to the cyber-front. A group of researchers from New York University are taking the idea further than it’s gone before with the idea of introducing decoy bugs into code – ultimately non-exploitable...
Security Bulletin: Multiple OpenSource Expat XML Vulnerabilities affect IBM DB2 Net Search Extender for Linux, Unix and Windows
Summary There are multiple vulnerabilities in open source expat XML parser that is used in DB2 Net Search Extender. Vulnerability Details CVEID: CVE-2012-0876 DESCRIPTION: Expat is vulnerable to a denial of service, caused by insufficient randomization of hash data structures. By sending multiple...
Live Dashboards for Demonstrating Remediation Progress
Is your security team working on the right things to make your organization safer today? How can you prove it with data? Knowing Versus Doing Knowing your threat exposure is only half the picture. The other half is knowing which actions to take with your vulnerability management solution to secur...
YASUO - Scans for Vulnerable & Exploitable 3rd-party Web Applications
Yasuo is a ruby script that scans for vulnerable 3rd-party web applications. While working on a network security assessment internal, external, redteam gigs etc., we often come across vulnerable 3rd-party web applications or web front-ends that allow us to compromise the remote server by exploiti...
Hacking Traffic Systems for Fun and Chaos
It has been a running joke in the tech industry for years that the hacking scenes in movies are, well, a joke. Hackers in hoodies pushing a few keys and taking down the power grid or causing massive traffic pileups by turning all the stoplights green at once. While those scenes provide endless...
Microsoft, Kaspersky Shed Light on Sefnit Tor Botnet
Alarm bells went off last August when spikes in Tor client downloads were traced to a large click-fraud and Bitcoin-mining botnet called Sefnit. The malware was using the popular anonymity network to communicate with hackers in order to transmit stolen data and receive additional commands. In...
Gaming Platforms as an attack vector against remote systems
Little more than a year ago I wrote about the possibility to attack gaming platform to compromise large audience of gamers in stealthy way, the access to millions of machines represent a dream for every attackers and I hypnotized its repercussion in cyber warfare domains. Gaming platform are...
Wind River VxWorks SSH and Web Server and General Electric D20MX
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Wind River, General Electric Equipment: VxWorks, D20MX --------- Begin Update A Part 1 of 4 --------- Vulnerabilities: Improper Input Validation --------- End Update A Part 1 of 4 --------- 2...
Oracle Outside In contains multiple exploitable vulnerabilities
Overview Oracle Outside In contains multiple exploitable vulnerabilities in its parsers, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of libraries that can decode over 500 different file formats...
Executables, Other Files Can Be Used in Attacks Similar to DLL-Hijacking
There are a number of other file types that can be used in the same kind of attacks that have been used in the DLL-hijacking exploit in recent weeks. Experts say that executable files, Windows INI files and some other file types can be used in these same attacks. The attack scenario would be...
Debian Security Advisory DSA 187-1 (apache)
The remote host is missing an update to apache announced via advisory DSA 187-1. OpenVAS Vulnerability Test $Id: deb1871.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 187-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
barracudadrive 3.7.2 - Multiple Vulnerabilities
barracudadrive 3.7.2 - Multiple Vulnerabilities Luigi Auriemma Application: BarracudaDrive Web Server http://barracudaserver.com/products/BarracudaDrive/ http://barracudaserver.com/products/HomeServer/ Versions: = 3.7.2 Platforms: Windows Bugs: A directory traversal B scripts source visualization...
HP-UX PHSS_27477 : s700_800 11.04 Virtualvault 4.5 Inside Admin Server Update
s700800 11.04 Virtualvault 4.5 Inside Admin Server Update : The remote HP-UX host is affected by multiple vulnerabilities : - Remotely exploitable potential vulnerabilities have been reported in CA-2002-21 and CVE-2002-0658. - A potential remotely exploitable vulnerability in handling of large da...
gaim remotely exploitable vulnerabilities in MSN component
Sebastian Krahmer discovered several remotely exploitable buffer overflow vulnerabilities in the MSN component of gaim. In two places in the MSN protocol plugins object.c and slp.c, strncpy was used incorrectly; the size of the array was not checked before copying to it. Both bugs affect MSN's...
mod_ntlm.txt
Product Description modntlm is an Apache module originially designed for Apache 1.3, now available for Apache 2.0 that provides the ability for Apache services to authenticate users via the NTLM authentication technology that is largely specific to Microsoft IIS. Home page:...