π΄ Can Your Patching Strategy Keep Up with the Demands of Open Source? π΄
π Read
via "Dark Reading: ".
It's time to reassess your open source management policies and processes.π Read
via "Dark Reading: ".
Dark Reading
Can Your Patching Strategy Keep Up with the Demands of Open Source?
It's time to reassess your open source management policies and processes.
β Microsoft Management Console Bugs Allow Windows Takeover β
π Read
via "Threatpost".
Multiple cross-site scripting (XSS) bugs and an XML external entity (XXE) problem opens the door to takeover of admin desktops.π Read
via "Threatpost".
Threat Post
Microsoft Management Console Bugs Allow Windows Takeover
Multiple cross-site scripting (XSS) bugs and an XML external entity (XXE) problem opens the door to takeover of admin desktops.
π Security breaches: 4 business impacts π
π Read
via "Security on TechRepublic".
The average cost of a cyberattack is approximately $4.6 million, according to a Radware report.π Read
via "Security on TechRepublic".
TechRepublic
Security breaches: 4 business impacts
The average cost of a cyberattack is approximately $4.6 million, according to a Radware report.
π How small businesses can deal with getting regulated π
π Read
via "Security on TechRepublic".
Even SMBs have to deal with big regulations thanks to GDPR and more. One startup has an answer for how to manage compliance and security.π Read
via "Security on TechRepublic".
TechRepublic
How small businesses can deal with getting regulated
Even SMBs have to deal with big regulations thanks to GDPR and more. One startup has an answer for how to manage compliance and security.
π How HackerOne open sources security--one hacker at a time π
π Read
via "Security on TechRepublic".
MΓ₯rten Mickos says hacker-powered security is where open source was 15 years ago, but it's moving much faster than open source did.π Read
via "Security on TechRepublic".
TechRepublic
How HackerOne open sources security--one hacker at a time
MΓ₯rten Mickos says hacker-powered security is where open source was 15 years ago, but it's moving much faster than open source did.
π΄ Google Targets Deceptive Sites with New Chrome Tools π΄
π Read
via "Dark Reading: ".
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.π Read
via "Dark Reading: ".
Darkreading
Google Targets Deceptive Sites with New Chrome Tools
A new extension and browser alert aim to help users report deceptive sites and prevent them from encountering fraud.
π΄ The Evolution of Identity π΄
π Read
via "Dark Reading: ".
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.π Read
via "Dark Reading: ".
Dark Reading
The Evolution of Identity
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
π΄ Advertising Alliance Plans Protocols to Reduce Dangerous Content π΄
π Read
via "Dark Reading: ".
The Global Alliance for Responsible Media will seek ways to clamp down on dangerous and fake content.π Read
via "Dark Reading: ".
Dark Reading
Advertising Alliance Plans Protocols to Reduce Dangerous Content
The Global Alliance for Responsible Media will seek ways to clamp down on dangerous and fake content.
β Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline β
π Read
via "Threatpost".
Four vulnerabilities could "SACK" connected devices with denial-of-service exploits.π Read
via "Threatpost".
Threat Post
Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline
Four vulnerabilities could "SACK" connected devices with denial-of-service exploits.
π New Guide Addresses Software Security in SDLC Models π
π Read
via "Subscriber Blog RSS Feed ".
A new white paper, published by NIST, recommends a core set of high life secure sotware development practices that can be added to SDLC implementation.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
New Guide Addresses Software Security in SDLC Models
A new white paper, published by NIST, recommends a core set of high level secure software development practices that can be added to SDLC implementation.
β Consumers Urged to Junk Insecure IoT Devices β
π Read
via "Threatpost".
A security researcher who disclosed flaws impacting 2 million IoT devices in April - and has yet to see a patch or even hear back from the manufacturers contacted - is sounding off on the dire state of IoT security.π Read
via "Threatpost".
Threat Post
Consumers Urged to Junk Insecure IoT Devices
A security researcher who disclosed flaws impacting 2 million IoT devices in April - and has yet to see a patch or even hear back from the manufacturers contacted - is sounding off on the dire state of IoT security.
ATENTIONβΌ New - CVE-2017-8336
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way that would result in overflowing the stack set up and allow an attacker to control the $ra register stored on the stack. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "goahead" is the one that has the vulnerable function that recieves the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function sub_00420F38 in IDA pro is identified to be receiving the values sent in the POST request. The POST parameter "gateway" allows to overflow the stack and control the $ra register after 1546 characters. The value from this post parameter is then copied on the stack at address 0x00421348 as shown below. This allows an attacker to provide the payload of his/her choice and finally take control of the device.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-8335
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM (Non-volatile RAM). It seems that the POST parameters passed in this request to set up names on the device do not have a string length check on them. This allows an attacker to send a large payload in the "mssid_1" POST parameter. The device also allows a user to view the name of the Wifi Network set by the user. While processing this request, the device calls a function named "getCfgToHTML" at address 0x004268A8 which retrieves the value set earlier by "mssid_1" parameter as SSID2 and this value then results in overflowing the stack set up for this function and allows an attacker to control $ra register value on the stack which allows an attacker to control the device by executing a payload of an attacker's choice. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "goahead" is the one that has the vulnerable function that recieves the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function sub_00420F38 in IDA pro is identified to be receiving the values sent in the POST parameter "mssid_1" at address 0x0042BA00 and then sets in the NVRAM at address 0x0042C314. The value is later retrieved in the function "getCfgToHTML" at address 0x00426924 and this results in overflowing the buffer due to "strcat" function that is utilized by this function.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-6711
π Read
via "National Vulnerability Database".
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().π Read
via "National Vulnerability Database".
π΄ As Cloud Adoption Grows, DLP Remains Key Challenge π΄
π Read
via "Dark Reading: ".
As businesses use the cloud to fuel growth, many fail to enforce data loss prevention or control how people share data.π Read
via "Dark Reading: ".
Dark Reading
As Cloud Adoption Grows, DLP Remains Key Challenge
As businesses use the cloud to fuel growth, many fail to enforce data loss prevention or control how people share data.
ATENTIONβΌ New - CVE-2017-8337
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement any Origin header check which allows an attacker who can trick a user to navigate to an attacker's webpage to exploit this issue and brute force the password for the web management interface. It also allows an attacker to then execute any other actions which include management if rules, sensors attached to the devices using the websocket requests.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-8334
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any cross-site scripting forgery protection mechanism which allows an attacker to trick a user who is logged in to the web management interface into executing a cross-site scripting payload on the user's browser and execute any action on the device provided by the web management interface.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-8333
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new routes to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way that would result in passing commands to a "popen" API in the function and thus result in command injection on the device. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "goahead" is the one that has the vulnerable function that receives the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function sub_00420F38 in IDA pro is identified to be receiving the values sent in the POST request and the value set in POST parameter "dest" is extracted at address 0x00420FC4. The POST parameter "dest is concatenated in a route add command and this is passed to a "popen" function at address 0x00421220. This allows an attacker to provide the payload of his/her choice and finally take control of the device.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-8332
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to prevent kids from watching content that might be deemed unsafe using the web management interface. It seems that the device does not implement any cross-site scripting protection mechanism which allows an attacker to trick a user who is logged in to the web management interface into executing a stored cross-site scripting payload on the user's browser and execute any action on the device provided by the web management interface.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-8331
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set in such a way that would result in passing commands to a "system" API in the function and thus result in command injection on the device. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "goahead" is the one that has the vulnerable function that recieves the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function sub_43C280in IDA pro is identified to be receiving the values sent in the POST request and the value set in POST parameter "ip_address" is extracted at address 0x0043C2F0. The POST parameter "ipaddress" is concatenated at address 0x0043C958 and this is passed to a "system" function at address 0x00437284. This allows an attacker to provide the payload of his/her choice and finally take control of the device.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2017-8330
π Read
via "National Vulnerability Database".
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in crashing the process. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "miniupnpd" is the one that has the vulnerable function that receives the values sent by the SOAP request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function WscDevPutMessage at address 0x0041DBB8 in IDA pro is identified to be receiving the values sent in the SOAP request. The SOAP parameter "NewInMesage" received at address 0x0041DC30 causes the miniupnpd process to finally crash when a second request is sent to the same process.π Read
via "National Vulnerability Database".