262 matches found
A week in security (March 26 – April 01)
Last week, we looked at the thought process behind creating a ransomware decryptor, the inner workings of QuantLoader, the ways one can protect their Android devices, the exploit kits we have encountered this winter, the now-known epidemic of data breaches, the coming of TLS 1.3, and the ways one...
Insecure Random String Creation
ranger-hdfs-plugin uses insecure randomness. The vulnerability exists due to the usage of a insecure random generator during the creation of the wildcard path, allowing attackers to guess a string which may be being used...
NextGEN Gallery <= 2.2.46 - Galley Paths Not Secured
The changelog states: "Secured: Gallery paths and the ability to manage tags Kudos: ElevenPaths Telefonica cibersecurity Unit"...
CVE-2017-6926
In Drupal versions 8.4.x versions before 8.4.5 users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content. This vulnerability is mitigated by the fact that the comment system must be enabled and the...
Estimating the Cost of Internet Insecurity
It's really hard to estimate the cost of an insecure Internet. Studies are all over the map. A methodical study by RAND is the best work I've seen at trying to put a number on this. The results are, well, all over the map: "Estimating the Global Cost of Cyber Risk: Methodology and Examples":...
CVE-2017-1000487
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings...
Threatpost News Wrap Podcast for Nov. 10
Threatpost editors Mike Mimoso and Tom Spring discuss the week’s information security news, including Chris Valasek’s and Charlie Miller’s return to the security speaking rounds, a phony WhatsApp download pulled from Google Play, a deep dive into the recent cloud-based storage leaks, and the rece...
October 12, 2017 – Morning Cyber Coffee Headlines – “Fall Harvest Edition” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 12, 2017 - Headlines Carbon Black in the News: Ransomware market soars...
Emergency Apple Patch Fixes High Sierra Password Hint Leak
Apple rushed out an emergency patch Thursday that fixed an incredulous bug in its shiny new High Sierra operating system that revealed APFS volume passwords via the password hint feature. Brazilian researcher Matheus Mariano of Leet Tech found the bug and privately disclosed it to Apple. He said...
Alio Applicant Portal 6.0 SQL Injection
| \ | \ | | | | | | / \ | | | |/ / | |/ / | | | | | | | | | / / | | | / | / | | | | | | | | | | | | | | | |\ \ \ / / // / | | | /\ | | | | | / / / / / | | | \ | | / | | | / \ | | | | | \ | | | | \ \ / / | | | | | \ --. | | | / / | | | | | |/ / | | | | \ V / | | | . | --. \ | | | | | |...
CVE-2017-6466
F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be executed under the...
CVE-2016-8372
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...
On PoisonTap, Internet of Things Regulation, and Ransomware
Mike Mimoso and Chris Brook discuss the news of the week, including this week’s House hearing on the Internet of Things, Samy Kamkar’s PoisonTap tool, and Windows 10’s ransomware protections. Show notes: Regulation May Be Best Answer to IoT Insecurity PoisonTap Steals Cookies, Drops Backdoors on...
Vulnerability warning: Docker Swarm Manager remote management port access-vulnerability warning-the black bar safety net
! Docker is a domestic and international Cloud Platform common application the lightweight container, AWS, Baidu, etc. are used. Typically used for lightweight deployment of applications. In Docker Swarm of deployment documentation, since the default there is some insecurity in the sample...
Rayman Adventures - Dangerous filesystem permissions, Insecure KeyStore, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Rayman Adventures published at the 'play' market has multiple vulnerabilities...
LaunchDay - Skylanders - Dangerous filesystem permissions, Insecure KeyStore, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application LaunchDay - Skylanders published at the 'play' market has multiple vulnerabilities...
sos: Usage of predictable temporary files allows privilege escalation
An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the...
Oracle: Security Advisory (ELSA-2010-0567)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ZigBee is exposed a serious security vulnerability-vulnerability warning-the black bar safety net
1, ZigBee is exposed a serious security vulnerability Along with technology the rapid evolution of IOTThe Internet of Things, IoTthe concept once again on the rise, people all around the daily necessities, terminal equipment, and household appliances also gradually been given of the network...
CVE-2014-9743
Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...