Iranian Hackers Exploiting VPN Flaws to Backdoor Organizations Worldwide

A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed "Fox Kitten ," the cyber-espionage campaign is said to have been directed a...

Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure (PoC)

Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Discovery Date: 2019-01-31 Exploit Author: Nolan B. Kennedy nxkennedy Vendor Homepage: https://www.verodin.com/...

Verodin Director Web Console 3.5.4.0 Password Disclosure

Exploit Title: Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure PoC Discovery Date: 2019-01-31 Exploit Author: Nolan B. Kennedy nxkennedy Vendor Homepage: https://www.verodin.com/ Software Link : https://www.verodin.com/demo-request/demo-request-form Tested Versions...

CVE-2019-9495

A flaw was found in wpasupplicant. Side channel attacks were recently discovered in the SAE implementations used by both hostapd and wpasupplicant. EAP-pwd uses a similar design for deriving PWE from the password and while a specific attack against EAP-pwd is not yet known to be tested, there is ...

Huawei EulerOS: Security Advisory for openssl110h (EulerOS-SA-2019-2218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Persistence – Modify Existing Service

It is not uncommon for APT Groups to modify an existing service on the compromised host in order to execute an arbitrary payload when the… Continue reading - Persistence - Modify Existing Service...

January 23, 2020—KB4534308 (OS Build 17134.1276)

January 23, 2020—KB4534308 OS Build 17134.1276 Windows 10, version 1803 the April 2018 Update Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update wit...

Threat Analysis Unit (TAU) Technical Report: The Prospect of Iranian Cyber Retaliation

Several different events in the Middle East ME region have escalated in the last several weeks between Iran and the United States. After a series of military operations between the two countries, several alerts were released from the U.S. government of a potential for cyberattacks. Traditionally...

This Week in Security News: The First Patch Tuesday Update of 2020 and Pwn2Own Vancouver Announced

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a major crypto-spoofing bug impacting Windows 10 that has been fixed as part of Microsoft’s January Patch Tuesday update. Also,...

CVE-2014-8673

Multiple SQL vulnerabilities exist in planning.php, userlist.php, projets.php, usergroupes.php, and groupelist.php in Simple Online Planning SOPPlanningbefore 1.33...

AWS Report - Tool For Analyzing Amazon Resources

AWS Report is a tool for analyzing amazon resources. Features Search iam users based on creation date Search buckets public Search security group with inbound rule for 0.0.0.0/0 Search elastic ip dissociated Search volumes available Search AMIs with permission public Search internet gateways...

How Organizations Can Defend Against Advanced Persistent Threats

Advanced persistent threats APTs have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time. They typically perform complex hacks that allow them to steal or destroy data...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM i

Summary OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to constru...

CVE-2019-15577

An information disclosure vulnerability exists in GitLab CE/EE v12.3.2, v12.2.6, and v12.1.12 that allowed project milestones to be disclosed via groups browsing...

Information disclosure

An information disclosure vulnerability exists in GitLab CE/EE v12.3.2, v12.2.6, and v12.1.12 that allowed project milestones to be disclosed via groups browsing...

CVE-2019-15577

Removed by vendor...

2019: The year in malware

By Jon Munshaw. From ransomware attacks to DNS deception, attackers were just as active as ever in 2019. This year saw a number of big-name malware families come onto the scene, including Sea Turtle, one of the most high-profile DNS hijacking attempts in recent memory. BlueKeep also stirred up...

CVE-2017-18107

Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery CSRF vulnerability. Please be aware that the Demo application is not enabled by default...

Cross site request forgery (csrf)

Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and delete users & groups via a Cross-site request forgery CSRF vulnerability. Please be aware that the Demo application is not enabled by default...

CVE-2017-18107

The data confirms a CSRF vulnerability in Atlassian Crowd’s Crowd Demo application prior to version 3.1.1. The issue allows remote attackers to add/modify/delete users and groups by crafting unauthorized requests, due to insufficient request validation in the web application. The Demo app is not ...