Tony Zeoli, Tony Hayes Security Vulnerabilities

akamaiblog

Cutting the Red Tape: Lessons Learned from CyberThreats 2021

If I had a dollar for every time I heard the phrase "digital transformation," I would have a lot of dollars. I'm sure you would too. We'd have even more if we counted the term "Zero Trust." (Maybe we should start counting them, now that I think about it!) Speakers and authors often use these buzz...

AI Score: -0.6
2021-07-27 01:00 PM
47
oraclelinux

Unbreakable Enterprise kernel security update

[5.4.17-2102.203.5] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044344] [5.4.17-2102.203.4] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE (William Roche) ...

CVSS: 7.8 | AI Score: 0.1 | EPSS: 0.004
2021-07-16 12:00 AM
277
oraclelinux

Unbreakable Enterprise kernel-container security update

[5.4.17-2102.203.5] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044344] [5.4.17-2102.203.4] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32974199] - Revert 'Allow mce to reset instead of panic on UE' (William...

CVSS: 7.8 | AI Score: 0.1 | EPSS: 0.004
2021-07-16 12:00 AM
485
akamaiblog

Mind the Gap: Securely Embracing the Digital Explosion

State and local governments are weathering a digital explosion. The move to "virtual everything" means that greater amounts of information are being produced and transmitted electronically, but the digital infrastructure powering these operations is straining under the weight. This shift is...

AI Score: -0.1
2021-07-13 02:00 PM
23
cve

CVE-2021-22440

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

CVSS: 4.6 | AI Score: 4.7 | EPSS: 0.001
2021-07-13 12:15 PM
21
4
nvd

CVE-2021-22440

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

CVSS: 4.6 | EPSS: 0.001
2021-07-13 12:15 PM
1
prion

Path traversal

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

CVSS: 4.6 | AI Score: 4.6 | EPSS: 0.001
2021-07-13 12:15 PM
cvelist

CVE-2021-22440

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

AI Score: 4.9 | EPSS: 0.001
2021-07-13 11:42 AM
huawei

Security Advisory - Path Traversal Vulnerability in Some Huawei Products

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly...

CVSS: 4.6 | AI Score: 4.9 | EPSS: 0.001
2021-06-30 12:00 AM
15
pentestpartners

Google for OpSec data discovery

Following last month's post about what OpSec is and how it can benefit your company I wanted to go a step further, and look at some of the ways you can supercharge your searches to find interesting data about your company. Basic search parameters As I mentioned last month, one of the most useful...

AI Score: 6.6
2021-06-29 05:23 AM
98
pentestpartners

Red Teaming. Practice what you preach

We carry out plenty of Red Teaming for customers. As a CBEST, STAR-FS and GBEST accredited supplier, our Red Team work with many large regulated organisations every day of the week. We frequently remind our clients how a simulated attack can be one of the best ways to assess prevention, detection...

AI Score: 7.1
2021-06-24 04:11 PM
33
oraclelinux

kernel security and bug fix update

[3.10.0-1160.31.1.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected]) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update...

CVSS: 7.8 | AI Score: 0.4 | EPSS: 0.001
2021-06-10 12:00 AM
100
pentestpartners

Do you know your OpSec?

Open Source Intelligence (OSINT) is any information in the public domain that an attacker can dig up about you. Because of that it forms the basis of every Red Team engagement, as threat actor scenarios are created using publicly available information. Bearing that in mind it makes sense to review...

AI Score: 6.6
2021-05-28 06:32 AM
58
threatpost

Beyond MFA: Rethinking the Authentication Key

You have to hand it to the cyber-thieves: They have proven extremely adept at defeating security measures once thought reliable. Case in point: multifactor authentication (MFA). While two-factor authentication (2FA) using push text notifications has become the de-facto standard for login security,...

AI Score: -0.4
2021-05-13 03:39 PM
56
jetbrains

JetBrains Security Bulletin Q1 2021

JetBrains News Security JetBrains Security Bulletin Q1 2021 Robert Demmer In the first quarter of 2021, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. Product | Description |...

CVSS: 9.8 | AI Score: 7.8 | EPSS: 0.005
2021-05-07 12:00 AM
37
pentestpartners

2021. The age of the super vulnerability?

I don't know about you, but to me it seems that every week we are seeing another vulnerability that not only grants significant access to the vulnerable system but also more widely internally. This last week we have seen the latest round of Microsoft Exchange vulnerabilities. The April 2021 update...

AI Score: 7.9
2021-04-26 05:35 AM
54
packetstorm

AI Score: 0.3
2021-04-08 12:00 AM
492
oraclelinux

Unbreakable Enterprise kernel security update

[5.4.17-2102.200.13] - bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Add sanity check for upper ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify...

CVSS: 8.8 | AI Score: 0.1 | EPSS: 0.004
2021-03-31 12:00 AM
312
zeroscience

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Remote Code Execution (Backdoors)

Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Remote Code Execution (Backdoors) Advisory ID: ZSL-2021-5639 Type: Local/Remote Impact: Security Bypass, System Access, DoS Risk: (5/5) Release Date: 18.03.2021 Summary JT3500V is a most advanced LTE-A Pro CAT12 indoor Wi-Fi & VoIP CPE...

AI Score: 8.4
2021-03-18 12:00 AM
104
threatpost

Molson Coors Cracks Open a Cyberattack Investigation

Another high-profile company has been hit with a cyber attack that's causing a major disruption to its business. Brewing company Molson Coors acknowledged on Thursday that it has "experienced a systems outage that was caused by a cybersecurity incident," according to a Form 8-K filed with the SEC...

AI Score: 0.2
2021-03-12 03:39 PM
169
oraclelinux

Unbreakable Enterprise kernel security update

[5.4.17-2036.104.4.el8uek] - KVM: arm64: guest context in x18 instead of x29 (Mihai Carabas) [Orabug: 32545182] [5.4.17-2036.104.3.el8uek] - config: enable CONFIG_MLX5_MPFS (Brian Maly) [Orabug: 32249042] - net: Fix bridge enslavement failure (Ido Schimmel) [Orabug: 32503298] - inet: do not...

CVSS: 7.8 | EPSS: 0.0005
2021-03-11 12:00 AM
58
oraclelinux

Unbreakable Enterprise kernel-container security update

[5.4.17-2036.104.4.el7] - KVM: arm64: guest context in x18 instead of x29 (Mihai Carabas) [Orabug: 32545182] [5.4.17-2036.104.3.el7] - config: enable CONFIG_MLX5_MPFS (Brian Maly) [Orabug: 32249042] - net: Fix bridge enslavement failure (Ido Schimmel) [Orabug: 32503298] - inet: do not call...

CVSS: 7.8 | EPSS: 0.0005
2021-03-09 12:00 AM
49
thn

New 'Silver Sparrow' Malware Infected Nearly 30,000 Apple Macs

Days after the first malware targeting Apple M1 chips was discovered in the wild, researchers have disclosed yet another previously undetected piece of malicious software that was found in about 30,000 Macs running Intel x86_64 and the iPhone maker's M1 processors. However, the ultimate goal of...

AI Score: 0.8
2021-02-22 07:47 AM
83
malwarebytes

North Korean hackers charged with $1.3 billion of cyberheists

The US Department of Justice recently unsealed indictments detailing North Korea's involvement in several global cyberattack campaigns against institutions in the financial and entertainment sectors, and money laundering schemes in certain US states. The first unsealed indictment is for hacking...

AI Score: 0.1
2021-02-19 07:17 PM
47
krebs

U.S. Indicts North Korean Hackers in Theft of $200 Million

The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and...

AI Score: 7
2021-02-17 09:12 PM
34
oraclelinux

kernel security, bug fix, and enhancement update

[4.18.0-240.15.1_3.OL8] - Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...

CVSS: 7.8 | AI Score: 0.2 | EPSS: 0.003
2021-02-17 12:00 AM
194
akamaiblog

Credential Stuffing and Account Takeovers -- The Business View

Account takeovers (ATOs), in which criminals impersonate legitimate account owners in order to take control of an account, cause tremendous pain for businesses in all industries. This pain may be monetary, such as losses from stolen accounts, but may also include a number of related problems, like...

AI Score: 1.2
2021-02-11 02:00 PM
35
threatpost

Most-Wanted Threatpost Stories of 2020

As 2020 draws to a close, it's clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go down as defining topics for the cybersecurity world for the year. Threatpost also took a retrospective view on what readers were most interested...

AI Score: -0.4 | EPSS: 0.001
2020-12-30 01:00 PM
26
akamaiblog

The evolution of MFA authentication technology and what needs to change next

Authentication attacks are big business, and no one is immune from them. In fact, two men were recently arrested and charged in the Twitter employee account compromise that happened in July 2020. Using employee account credentials, the attackers took over several highly visible celebrity Twitter...

AI Score: -0.1
2020-12-08 03:00 PM
54
cve

CVE-2020-9247

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

CVSS: 7.8 | AI Score: 7.9 | EPSS: 0.001
2020-12-07 01:15 PM
22
nvd

CVE-2020-9247

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

CVSS: 7.8 | AI Score: 7.9 | EPSS: 0.001
2020-12-07 01:15 PM
prion

Buffer overflow

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

CVSS: 7.8 | AI Score: 7.9 | EPSS: 0.001
2020-12-07 01:15 PM
3
cvelist

CVE-2020-9247

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...

AI Score: 7.9 | EPSS: 0.001
2020-12-07 12:49 PM
1
threatpost

2021 Healthcare Cybersecurity Priorities: Experts Weigh In

Healthcare cybersecurity is in triage mode. As systems are stretched to the limits by COVID-19 and technology becomes an essential part of everyday patient interactions, hospital and healthcare IT departments have been left to figure out how to make it all work together, safely and securely. Most...

AI Score: -0.5
2020-11-28 03:00 PM
109
threatpost

Scams Ramp Up Ahead of Black Friday Cybercriminal Craze

The number of online holiday shoppers this year is expected to skyrocket due to the pandemic, and consequently, consumers can expect an onslaught of scams, phishing attacks and other malicious activities. The risk of infection is driving consumers to shop from the safety of their homes, rather...

AI Score: 0.3
2020-11-14 02:00 PM
35
nvd

CVE-2020-9109

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

CVSS: 4.6 | EPSS: 0.001
2020-10-12 02:15 PM
cve

CVE-2020-9109

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

CVSS: 4.6 | AI Score: 4.7 | EPSS: 0.001
2020-10-12 02:15 PM
23
prion

Information disclosure

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

CVSS: 4.6 | AI Score: 4.7 | EPSS: 0.001
2020-10-12 02:15 PM
2
cvelist

CVE-2020-9109

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

AI Score: 4.7 | EPSS: 0.001
2020-10-12 01:39 PM
oraclelinux

Unbreakable Enterprise kernel security update

[5.4.17-2011.7.4] - iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (Suravee Suthikulpanit) [Orabug: 31931369] - iommu/amd: Fix potential @entry null deref (Joao Martins) [Orabug: 31931369] - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (Suravee...

CVSS: 7.8 | AI Score: -0.4 | EPSS: 0.0004
2020-10-12 12:00 AM
60
pentestpartners

Cyber Security Month. What can you do?

October is Cyber Security Month, when organisations like the CISA, the ECSM, and many more promote initiatives to help raise security awareness. Around the world companies are dedicating time to improve staff security awareness, and it's a really busy time for us. You may be thinking you'd like to...

AI Score: 7.1
2020-10-08 05:12 AM
27
oraclelinux

kernel security, bug fix, and enhancement update

[3.10.0-1160.OL7] - Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected]) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.3 [3.10.0-1160] - [kernel]...

CVSS: 8.1 | AI Score: 0.4 | EPSS: 0.039
2020-10-06 12:00 AM
77
huawei

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

CVSS: 4.6 | AI Score: 4.6 | EPSS: 0.001
2020-09-30 12:00 AM
30
pentestpartners

CVE-2020-1472/Zerologon. As an IT manager should I worry?

TL;DR Yes, apply the update from Microsoft. The new MS08-067? CVE-2020-1472 is an elevation of privilege vulnerability in a cryptographic authentication scheme used by the Netlogon service and was discovered (and named Zerologon) by Tom Tervoort at Secura. It does not require authentication. It...

AI Score: -0.2 | EPSS: 0.944
2020-09-23 05:05 AM
1126
hackread

Hacker finds ex-Aussie PM's passport number using his Instagram post

By Sudais Asif The Prime Minister in the discussion is Tony Abbott whose Instagram post of his boarding pass allowed a hacker to dig deep. This is a post from HackRead.com Read the original post: Hacker finds ex-Aussie PM's passport number using his Instagram...

AI Score: 0.9
2020-09-16 06:09 PM
33
impervablog

When The Going Gets Tough - R&D Calls With Customers - Doing It Right!

Several years ago, I joined the development team of a new product within Imperva. I discovered that direct interaction between us developers and our customers was much more frequent than on more mature products - customer calls are an invaluable tool when developing from scratch. However, these...

AI Score: -0.6
2020-09-15 02:28 PM
13
pentestpartners

Consumer advice: Giggle vulnerability

Another week passes and another organisation chooses to deny a critical vulnerability in their site rather than fix it. I'm talking of course about Giggle, the social network site designed as a safe space for women to, "give girls choice, control, consent and connection". If you are not aware,...

AI Score: 7.2
2020-09-14 08:13 AM
29

Total number of security vulnerabilities: 644