13 matches found
Fully segregated networks? Your dual-homed devices might disagree
TL;DR: Using dual-homed devices as a segregation tool is not recommended as a security design solution. Use dedicated hardware and robust firewalls to segregate networks to limit access to critical networks. Proactively check for unintended exposure of network services and disable unnecessary servic...
Westermo EDW-100 Insufficiently Protected Credentials (CVE-2024-36081)
Westermo EDW-100 allows an unauthenticated GET request that can download the configuration-file that contains the configuration, username, and passwords in clear-text. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Westermo EDW-100
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Westermo Equipment: EDW-100 Vulnerabilities: Use of Hard-coded Password, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
Actions to take today to harden your internal environment to mitigate follow-on activity after initial access. 1. Use phishing-resistant multi-factor authentication (MFA) for all administrative access. 2. Verify the implementation of appropriate hardening measures, and change, remove, or deactivate...
Government Agencies Warn of Increase in Cyberattacks Targeting MSPs
Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory warning of threats targeting managed service providers (MSPs) and their customers. Key among the recommendations include identifying and disabling accounts that are ...
From open Guest Wi-Fi to pwning a lift
…or why validating network segregation is critical TL;DR A recent engagement took quite an unexpected turn and led to me having remote control of a bunch of building services including a lift from the street outside, unauthenticated. A single firewall rule bypassed some well configured VLANs and...
Hacking Operational Technology for Defense: Lessons Learned From OT Red Teaming Smart Meter Control Infrastructure
High-profile security incidents in the past decade have brought increased scrutiny to cyber security for operational technology (OT). However, there is a continued perception across critical infrastructure organizations that OT networks are isolated from public networks—such as the Internet. In...
Congrats, you got everyone remote. But did you do it securely?
The lockdown has meant entire companies of typically office-based staff being forced to work from home. The change to our way of life is like nothing anyone has in living memory ever seen. However, alongside that, IT teams have had to rush to deliver solutions that were simply not designed for th...
Increased Emotet Malware Activity
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a recent increase in targeted Emotet malware attacks. Emotet is a sophisticated Trojan that commonly functions as a downloader or dropper of other malware. Emotet primarily spreads via malicious email attachments and attempts t...
D-Link DSL-3782 Authentication Bypass
Exploit Title: D-Link DSL 3782 - Authentication Bypass Vendor Homepage: https://eu.dlink.com Version: A1WI20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT77616E6771696F6E67" Category: Webapps Exploit Author: Giulio Comi CVE : CVE-2018-8898 Date: 20/05/2018 Description The web panel ...
Hacking train passenger Wi-Fi
After speaking about Wi-Fi security at a rail industry conference last week, it struck me that very insecure passenger networks are making their way on to trains. So, here’s a quick checklist for making sure your pax Wi-Fi network is secure. Similar checks could be applied to your guest network ...
Windows NSA Information Assurance: Locklevel
Windows NSA Information Assurance LOCKLEVEL was a rapidly built prototype that demonstrates a method for scoring how well Windows systems have implemented some of the NSA Information Assurance top 10 mitigation strategies. This prototype is being shared to encourage industry adoption of these...
Host Logical Network Segregation Weakness
The remote host is on a different logical network than the Nessus scanner. However, it is on the same physical subnet. An attacker connecting from the same network as your Nessus scanner could reconfigure his system to force it to belong to the subnet of the remote host. This may allow an attacke...