62 matches found
CVE-2022-24706
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front o...
Sensitive Data: Securing Your Most Important Asset
By Owais Sultan According to The Economist, "The world's most valuable resource is no longer oil, but data"; therefore protecting your most… This is a post from HackRead.com Read the original post: Sensitive Data: Securing Your Most Important Asset...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at @Hack on November 29, 2021. The list is maintained on this page...
5 Themes for Product Security and Fostering Organizational Growth
In this article we would like to review what Raj Umadas, Product Security Manager at Compass, shared during our recent webinar, highlighting recurring themes that have led to impactful collaborations and organizational risk reduction. Product security (ProdSec) is crucial in the process of growi...
Cyber Security Awareness: A Critical Checklist
October 2020 marks the 17th year of National CyberSecurity Awareness Month, where users and organizations are encouraged to double their efforts to be aware of cybersecurity issues in all their digital dealings—and to take concrete steps to increase their privacy and security as necessary. The...
SUSE-SU-2020:2748-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues: - CVE-2020-17507: Fixed a buffer overflow in the XBM parser (bsc#1176315) - Made handling of XDG_RUNTIME_DIR more secure (bsc#1172515)...
PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload
An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the...
How do I implement a Zero Trust security model for my Microsoft remote workforce?
Digital empathy should guide your Zero Trust implementation. Zero Trust has always been key to maintaining business continuity. And now, during the COVID-19 pandemic, it has become even more important in helping enable the largest remote workforce in history. While organizations are empowering people...
PAN-OS: OS command injection vulnerability in the management interface
An OS command injection vulnerability in the PAN-OS management interface allows authenticated administrators to execute arbitrary OS commands with root privileges. Workaround: This issue impacts the PAN-OS management interface, but you can mitigate the impact of this issue by following best...
PAN-OS: OS command injection vulnerability in management interface certificate generator
An OS command injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. Workaround: This issue affects t...
PAN-OS: Panorama management server log injection
A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries in the ms.log fil...
PAN-OS: Authenticated user command injection vulnerability
An OS command injection vulnerability in the PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. Workaround: This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing t...
PAN-OS: OS command injection in management server
An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. Workaround: This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices...
PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation
A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network-based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affect...
BadBlood - Fills A Microsoft Active Directory Domain With A Structure And Thousands Of Objects
BadBlood by Secframe fills a Microsoft Active Directory domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding...
Open redirect
In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git repository. All...
Memory Corruption in PAN-OS
Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. Ref: PAN-123700 / CVE-2019-1582. Successful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session. This issue affects PAN-OS 8.1...
U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels
The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at Oxford University on Monday, June 17, 2019. The list is maintained on this page...
Denial of Service in PAN-OS Management Interface
A denial of service vulnerability exists in the SNMP library that affects the PAN-OS management interface. Ref: PAN-106922, CVE-2018-18065. Successful exploitation of this issue would allow a remote unauthenticated user to cause the SNMP daemon to crash, resulting in a denial of service. The...