Blog News Vulnerebility Blog -  

Úvod  APT blog  Attack blog  BigBrother blog  BotNet blog  Bug blog  Cyber blog  Cryptocurrency blog  Exploit blog  Hacking blog  Hardware blog  ICS blog  Incident blog  IoT blog  Malware blog  OS Blog  Phishing blog  Ransomware blog  Safety blog  Security blog  Social blog  Spam blog  Vulnerebility blog


 


Datum

Název

Info

Blog

Companies

19.5.19

The NSO WhatsApp Vulnerability – This is How It Happened

Earlier today the Financial Times published that there is a critical vulnerability in the popular WhatsApp messaging application and that it is actively being used to inject spyware into victims phones. According to the report, attackers only need to issue specially crafted VoIP calls to the victim in order to infect it with no user interaction required for the attack to succeed. As WhatsApp is used by 1.5bn people worldwide, both on Android phones and iPhones, the messaging and voice application is known to be a popular target for hackers and governments alike.

Vulnerebility blog

Checkpoint

19.5.19

Vulnerability Spotlight: Multiple vulnerabilities in Wacom Update Helper

There are two privilege escalation vulnerabilities in the Wacom update helper. The update helper is a utility installed alongside the macOS application for Wacom tablets. The application interacts with the tablet and allows the user to manage it. These vulnerabilities could allow an attacker with local access to raise their privileges to root.

Vulnerebility blog

Cisco Talos

19.5.19

Vulnerability Spotlight: Remote code execution bug in Antenna House Rainbow PDF Office document converter

A buffer overflow vulnerability exists in Antenna House’s Rainbow PDF when the software attempts to convert a PowerPoint document. Rainbow PDF has the ability to convert Microsoft Office 97-2016 documents into a PDF. This particular bug arises when the converter incorrectly checks the bounds of a particular function, causing a vtable pointer to be overwritten. This could allow an attacker to overflow the buffer and gain the ability to execute code remotely on the victim machine.

Vulnerebility blog

Cisco Talos

19.5.19

Vulnerability Spotlight: Remote code execution vulnerabilities in Adobe Acrobat Reader

There are two remote code execution vulnerabilities in Adobe Acrobat Reader that could occur if a user were to open a malicious PDF on their machine using the software. Acrobat is the most widely used PDF reader on the market, making the potential target base for these bugs fairly large. The program supports embedded JavaScript code in the PDF to allow for interactive PDF forms, giving the potential attacker the ability to precisely control memory layout and creating an additional attack surface.

Vulnerebility blog

Cisco Talos

19.5.19

Microsoft Patch Tuesday — May 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 79 vulnerabilities, 22 of which are rated “critical," 55 that are considered "important" and one "moderate." This release also includes two critical advisories: one covering Microsoft Live accounts and another addressing updates to Adobe Flash Player.

Vulnerebility blog

Cisco Talos

19.5.19

Vulnerability Spotlight: Multiple vulnerabilities in the Roav A1 Dashcam

Cisco Talos is disclosing multiple vulnerabilities in the Anker Roav A1 Dashcam and the Novatek NT9665X chipset. The Roav A1 Dashcam by Anker is a dashboard camera that allows users to connect using the Roav app for Android and iOS so that the users can toggle settings and download videos from the dashcam, along with a host of other features. These vulnerabilities could be leveraged by an attacker to gain arbitrary code execution on affected devices.

Vulnerebility blog

Cisco Talos

12.5.19

Trashing the Flow of Data

In this blog post I want to present crbug.com/944062, a vulnerability in Chrome’s JavaScript compiler TurboFan that was discovered independently by Samuel (saelo@) via fuzzing with fuzzilli, and by myself via manual code auditing. The bug was found in beta and was fixed before it made it into the stable release of Chrome, but I think it’s interesting for a few reasons and decided to write about it.

Vulnerebility blog

Checkpoint

12.5.19

Vulnerability Spotlight: Remote code execution bug in SQLite

SQLite contains an exploitable use-after-free vulnerability that could allow an attacker to gain the ability to remotely execute code on the victim machine. SQLite is a client-sidedatabase management system contained in a C programming library. SQLite implements the Window Functions feature of SQL, which allows queries over a subset, or “window,” of rows. This specific vulnerability lies in that “window” function.

Vulnerebility blog

Cisco Talos

12.5.19

Vulnerability Spotlight: Multiple bugs in several Jenkins plugins

Jenkins is an open-source automation server written in Java. There are several plugins that exist to integrate Jenkins with other pieces of software, such as GitLab. Today, Cisco Talos is disclosing vulnerabilities in three of these plugins: Swarm, Ansible and GitLab. All three of these are information disclosure vulnerabilities that could allow an attacker to trick the plugin into disclosing credentials from the Jenkins credential database to a server that they control.

Vulnerebility blog

Cisco Talos

6.5.19

Denial of Service Vulnerabilities Discovered in HTTP/2

Organizations all around the world are transitioning into fully supporting the HTTP/2 protocol to deliver their applications. As we know, new protocols come with new functionality and new implementations, thus creating a vast, fresh attack surface for both researchers and adversaries. Researchers have already started studying this protocol and have even reported vulnerabilities.

Vulnerebility blog

F5 Labs

6.5.19

Vulnerabilities in ISPsystem

ISPsystem panel is a well-known software with a user-friendly web interface for managing web-servers, dedicated servers, VPS (Virtual Private Servers) and billing. ISPsystem software products are utilized by hundreds of hosting providers around the world, including 1Cloud, King Servers, and Ru-Center. ISPsystem products have more than 10,000 installations:

Vulnerebility blog

Checkpoint

6.5.19

Vulnerability Spotlight: Multiple vulnerabilities in Sierra Wireless AirLink ES450

Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise, such as retail point-of-sale or industrial control systems. These flaws present a number of attack vectors for a malicious actor, and could allow them to remotely execute code on the victim machine, change the administrator’s password and expose user credentials, among other scenarios.

Vulnerebility blog

Cisco Talos

6.5.19

D-Link camera vulnerability allows attackers to tap into the video stream

ESET researchers highlight a series of security holes in a device intended to make homes and offices more secure

Vulnerebility blog

Eset

24.4.19

Vulnerability Spotlight: Symantec Endpoint Protection kernel memory information disclosure vulnerability

Cisco Talos is disclosing an information leak vulnerability in the ccSetx86.sys kernel driver of Symantec Endpoint Protection Small Business Edition. The vulnerability exists in the driver’s control message handler. 

Vulnerebility blog

Cisco Talos

24.4.19

Vulnerability Spotlight: Denial of service in VMWare Workstation 15

VMware Workstation 15 contains an exploitable denial-of-service vulnerability. Workstation allows users to run multiple operating systems on a Linux or Windows PC. An attacker could trigger this particular vulnerability from VMware guest user mode to cause a denial-of-service condition through an out-of-bounds read. This vulnerability only affects Windows machines.

Vulnerebility blog

Cisco Talos

24.4.19

Vulnerability Spotlight: Multiple vulnerabilities in Shimo VPN's helper tool

Cisco Talos is disclosing a series of vulnerabilities found in the Shimo VPN Helper Tool. Shimo VPN is a popular VPN client for MacOS that can be used to connect multiple VPN accounts to one application. These specific vulnerabilities were found in the “helper tool,” a feature that Shimo VPN uses to accomplish some of its privileged work.

Vulnerebility blog

Cisco Talos

13.4.19

Microsoft Patch Tuesday – April 2019 This month the vendor has patched 74 vulnerabilities, 14 of which are rated Critical. Vulnerebility blog Symantec

13.4.19

Virtually Unlimited Memory: Escaping the Chrome Sandbox After discovering a collection of possible sandbox escape vulnerabilities in Chrome, it seemed worthwhile toexploit one of these issues as a full-chain exploit together with a renderer vulnerability to get a better understanding of the mechanics required for a modern Chrome exploit. Vulnerebility blog Project Zero

13.4.19

Vulnerability Spotlight: Adobe Acrobat Reader remote code execution There is a remote code execution vulnerability in Adobe Acrobat Reader that could occur if a user were to open a malicious PDF on their machine using the software. Acrobat is the most widely used PDF reader on the market, making the potential target base for these bugs fairly large. The program supports embedded JavaScript code in the PDF to allow for interactive PDF forms, giving the potential attacker the ability to precisely control memory layout and creating an additional attack surface. Vulnerebility blog Cisco Talos

13.4.19

Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 74 vulnerabilities, 16 of which are rated “critical” and 58 that are considered “important.” This release also includes a critical advisory covering a security update to Adobe Flash Player. Vulnerebility blog Cisco Talos

5.4.19

Study of the Belonard Trojan, exploiting zero-day vulnerabilities in Counter-Strike 1.6 The game Counter-Strike 1.6 was released by Valve Corporation back in 2000. Despite its rather considerable age, it still has a large fan base. The number of players using official CS 1.6 clients reaches an average of 20,000 people online, while the overall number of game servers registered on Steam exceeds 5,000. Vulnerebility blog Dr Web

5.4.19

Vulnerability in Xiaomi Pre-Installed Security App

Smartphones usually come with pre-installed apps, some of which are useful and some that never get used at all. What a user does not expect, however, is for a preinstalled app to be an actual liability to their privacy and security. Vulnerebility blog Checkpoint

3.4.19

Splitting atoms in XNU

A locking bug in the XNU virtual memory subsystem allowed violation of the preconditions required for the correctness of an optimized virtual memory operation. This was abused to create shared memory where it wasn't expected, allowing the creation of a time-of-check-time-of-use bug where one wouldn't usually exist. 

Vulnerebility blog

Project Zero

31.3.19 Five Easy Steps to Keep on Your Organization’s DevOps Security Checklist The discovery of a significant container-based (runc) exploit sent shudders across the Internet. Exploitation of CVE-2019-5736 can be achieved with “minimal user interaction” it subsequently allows attackers to gain root-level code execution on the host. Vulnerebility blog F5 Labs
28.3.19 Two white hats hack a Tesla, get to keep it The electric automaker is working to release a fix for the underlying vulnerability in a matter of days Vulnerebility blog

Eset

28.3.19 Vulnerability Spotlight: Multiple vulnerabilities in GOG Galaxy Games The GOG Galaxy video game launcher contains multiple vulnerabilities that could allow a malicious actor to carry out a variety of attacks. GOG Galaxy Games is a video game storefront that allows users to purchase new games and launch them from their desktop.  Vulnerebility blog

Cisco Talos

28.3.19 WinRAR Zero-day Abused in Multiple Campaigns WinRAR, an over 20-year-old file archival utility used by over 500 million users worldwide, recently acknowledged a long-standing vulnerability in its code-base. A recently published path traversal zero-day vulnerability, disclosed in CVE-2018-20250 by Check Point Research, enables attackers to specify arbitrary destinations during file extraction of ‘ACE’ formatted files, regardless of user input. Attackers can easily achieve persistence and code execution by creating malicious archives that extract files to sensitive locations, like the Windows “Startup” Start Menu folder. Vulnerebility blog

FireEye

25.3.19

Vulnerability Spotlight: Multiple Vulnerabilities in CUJO Smart Firewall, Das U-Boot, OCTEON SDK, Webroot BrightCloud

CUJO AI produces the CUJO Smart Firewall, a device that provides protection to home networks against a myriad of threats such as malware, phishing websites and hacking attempts. Cisco Talos recently discovered 11 vulnerabilities in the CUJO Smart Firewall. These vulnerabilities could allow an attacker to bypass the safe browsing function and completely take control of the device, either by executing arbitrary code in the context of the root account, or by uploading and executing unsigned kernels on affected systems.

Vulnerebility blog

Cisco Talos

14.3.19

Microsoft Patch Tuesday – March 2019 This month the vendor has patched 64 vulnerabilities, 17 of which are rated Critical. Vulnerebility blog Symantec

14.3.19

Microsoft Patch Tuesday — March 2019: Vulnerability disclosures and Snort coverage Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 64 vulnerabilities, 17 of which are rated “critical,” 45 that are considered “important” and one “moderate” and “low” vulnerability each. This release also includes two critical advisories — one covering security updates to Adobe Flash Player and another concerning SHA-2 Vulnerebility blog Cisco Talos

14.3.19

Vulnerability Spotlight: Privilege escalation bug in CleanMyMac X's helper service CleanMyMac X contains a privilege escalation vulnerability in its helper service due to improper updating. The application fails to remove the vulnerable components upon upgrading to the latest version, leaving the user open to attack. CleanMyMac X is an all-in-one cleaning tool for Macs from MacPaw. The application scans through the system and user directories looking for unused and leftover files and applications. Vulnerebility blog Cisco Talos

14.3.19

Vulnerability Spotlight: Multiple local vulnerabilities in Pixar Renderman The MacOS version of Pixar Renderman contains three local vulnerabilities in its install helper tool. An attacker could exploit these bugs to escalate their privileges to root. Vulnerebility blog Cisco Talos

14.3.19

Vulnerability Spotlight: Remote code execution vulnerability in Antenna House Rainbow PDF Office Server Document Converter Antenna House Rainbow PDF Office Server Document Converter contains a heap overflow vulnerability that could allow an attacker to remotely execute code on the victim machine. Rainbow PDF is a software solution that converts Microsoft Office documents into a PDF. This specific flaw lies in the way the software converts PowerPoint files into PDFs Vulnerebility blog Cisco Talos

8.3.19

PXE Dust: Finding a Vulnerability in Windows Servers Deployment Services Many large organizations use Windows Deployment Services (WDS) to install customized operating systems on new machines in the network. The Windows Deployment Services is usually, by its nature, accessible to anyone connected via an LAN port and provides the relevant software. They determine the Operating System as well as the accompanying programs and services for each new network element.

Vulnerebility blog

Checkpoint

8.3.19

Flaws in smart car alarms exposed 3 million cars to hijack The vulnerabilities, which resided in associated smartphone apps, were both easy to find and easy to fix Vulnerebility blog

Eset

8.3.19

Latest Chrome update plugs a zero-day hole It now turns out that the vulnerability in the browser was being exploited in tandem with a zero-day in Windows Vulnerebility blog

Eset

5.3.19

Jmail Breaker: Profiting from Joomla’s Mail Service Joomla! is one of the most popular CMS platforms and is used by hundreds of thousands of organizations worldwide. Over the years, many vulnerabilities were found in the product, such as Joomla Core Sterilizer Cross-Site Scripting Filter Privilege Escalation (CVE-2017-7985) and Joomla Object Injection Remote Command Execution (CVE-2015-8562). Indeed, over the past two years, there is evidence of a significant surge in the number of Joomla known vulnerabilities. Vulnerebility blog

Checkpoint

21.2.19

Extracting a 19 Year Old Code Execution from WinRAR n this article, we tell the story of how we found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over a victim’s computer. The exploit works by just extracting an archive, and puts over 500 million users at risk. This vulnerability has existed for over 19 years(!) and forced WinRAR to completely drop support for the vulnerable format. Vulnerebility blog

Checkpoint

17.2.19 Microsoft Patch Tuesday – February 2019 This month the vendor has patched 74 vulnerabilities, 20 of which are rated Critical. Vulnerebility blog Symantec
17.2.19 Microsoft Patch Tuesday — February 2019: Vulnerability disclosures and Snort coverage Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 69 vulnerabilities, 20 of which are rated “critical,” 46 that are considered “important” and three that are “moderate.” This release also includes a critical security advisory regarding a security update to Adobe Flash Player Vulnerebility blog Cisco Talos
17.2.19 Vulnerability Spotlight: Adobe Acrobat Reader DC text field remote code execution vulnerability Adobe Acrobat Reader DC contains a vulnerability that could allow an attacker to remotely execute code on the victim’s machine. If the attacker tricks the user into opening a specially crafted PDF with specific JavaScript, they could cause heap corruption. The user could also trigger this bug if they open a specially crafted email attachment. Vulnerebility blog Cisco Talos

2.2.19

Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems Canvas Draw 5

Cisco Talos is disclosing several vulnerabilities in ACD Systems' Canvas Draw 5, a graphics-editing tool for Mac. The vulnerable component of Canvas Draw 5 lies in the handling of TIFF and PCX images. TIFF is a raster-based image format used in graphics editing projects, thus making it a very common file format that's used in Canvas Draw. PCX was a popular image format with early computers, and although it's been replaced by more sophisticated formats, it is still in use and fully supported by Canvas Draw.

Vulnerebility blog

Cisco Talos

30.1.19

Apple takes Group FaceTime offline after discovery of spying bug The company is rushing to fix a glitch that may let other iPhone users hear and see you – before you answer the callVulnerebility blog Eset

30.1.19

Vulnerability Spotlight: Multiple vulnerabilities in coTURN Today, Cisco Talos is disclosing three vulnerabilities in coTURN. coTURN is an open-source implementation of TURN and STUN servers that can be used as a general-purpose networking traffic TURN server. TURN servers are usually deployed in so-called “DMZ” zones — any server reachable from the internet — to provide firewall traversal solutions.Vulnerebility blog

Cisco Talos

30.1.19

Vulnerability Spotlight: Python.org certificate parsing denial-of-service Python.org contains an exploitable denial-of-service vulnerability in its X509 certificate parser. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. Python can crash if getpeercert() is called on a TLS connection, which uses a certificate with invalid DistributionPoint in its extension.Vulnerebility blog

Cisco Talos

30.1.19

Vulnerability Spotlight: Multiple WIBU SYSTEMS WubiKey vulnerabilities Cisco Talos discovered two vulnerabilities that could allow remote code execution and memory disclosure at the kernel level in WIBU-SYSTEMS WibuKey. WibuKey is a USB key designed to protect software and intellectual properties. It allows the users to manage software license via USB key. A third vulnerability is located in userland and can be triggered remotely, as it's located in the network manager.Vulnerebility blog

Cisco Talos

28.1.19

Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution vulnerabilities

TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware version 1.3.0. Cisco Talos publicly disclosed these issues after working with TP-Link to ensure that a patch was available. Now that a fix is out there, we want to take the time to dive into the inner workings of these vulnerabilities and show the approach we took with our proof-of-concept code.

Vulnerebility blog

Cisco Talos

28.1.19

Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated “critical,” 40 that are considered “important” and one that is “moderate.” This release also includes a critical security advisory for multiple bugs in Adobe Flash Player.

Vulnerebility blog

Cisco Talos

28.1.19

Vulnerability Spotlight: Multiple Apple IntelHD5000 privilege escalation vulnerabilities

A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of Apple OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory access in the context of the kernel. This can be used for privilege escalation.

Vulnerebility blog

Cisco Talos

28.1.19

Vulnerability Spotlight: Multiple privilege escalation vulnerabilities in CleanMyMac X

Today, Cisco Talos is disclosing several vulnerabilities in MacPaw’s CleanMyMac X software. CleanMyMac X is a cleanup application for Mac operating systems that allows users to free up extra space on their machines by scanning for unused or unnecessary files and deleting them. In all of these bugs, an attacker with local access to the victim machine could modify the file system as root.

Vulnerebility blog

Cisco Talos

21.12.18 Microsoft issues emergency fix for Internet Explorer zero-day Details are sparse about a security hole that Microsoft said is being exploited in targeted attacks Vulnerebility blog Eset
20.12.18 Microsoft Patches Out-of-Band Internet Explorer Scripting Engine Vulnerability After Exploitation Detected in the Wild Microsoft released an out-of-band (OOB) patch on Wednesday related to a vulnerability in the scripting engine of Internet Explorer. This particular vulnerability is believed to be actively exploited in the wild and should be patched immediately. Vulnerebility blog Cisco Talos
20.12.18 Threat Actors Rapidly Adopt New ThinkPHP RCE Exploit to Spread IoT Malware and Deploy Remote Shells F5 researchers have observed multiple new campaigns leveraging a very recent exploit against ThinkPHP, a popular PHP framework in China. Within days of its discovery, the vulnerability had already been exploited in the wild by multiple threat actors. With this vulnerability, we see a pattern similar to those we have seen in other RCE vulnerabilities, such as Apache Struts 2 – CVE-2017-5638 mentioned last year, where attackers rushed to capitalize on the time it takes organizations to patch and profit from it. Vulnerebility blog F5 Labs
20.12.18 On VBScript Vulnerabilities in the VBScript scripting engine are a well known way to attack Microsoft Windows. In order to reduce this attack surface, in Windows 10 Fall Creators Update, Microsoft disabled VBScript execution in Internet Explorer in the Internet Zone and the Restricted Sites Zone by default. Vulnerebility blog Project Zero
20.12.18 Searching statically-linked vulnerable library functions in executable code Software supply chains are increasingly complicated, and it can be hard to detect statically-linked copies of vulnerable third-party libraries in executables. This blog post discusses the technical details of an Apache-licensed open-source library to detect code from other open-source libraries in executables, along with some real-world findings of forked open-source libraries in real-world software. Vulnerebility blog Project Zero
15.12.18 How threat actors are using SMB vulnerabilities Some of the most devastating ransomware and Trojan malware variants depend on vulnerabilities in the Windows Server Message Block (SMB) to propagate through an organization’s network. Windows SMB is a protocol used by PCs for file and printer sharing, as well as for access to remote services. Vulnerebility blog Malwarebytes
14.12.18 Adventures in Video Conferencing Part 5: Where Do We Go from Here? Overall, our video conferencing research found a total of 11 bugs in WebRTC, FaceTime and WhatsApp. The majority of these were found through less than 15 minutes of mutation fuzzing RTP. We were surprised to find remote bugs so easily in code that is so widely distributed. There are several properties of video conferencing that likely led to the frequency and shallowness of these issues. Vulnerebility blog Project Zero
12.12.18 Adventures in Video Conferencing Part 4: What Didn't Work Out with WhatsApp Not every attempt to find bugs is successful. When looking at WhatsApp, we spent a lot of time reviewing call signalling hoping to find a remote, interaction-less vulnerability. No such bugs were found. We are sharing our work with the hopes of saving other researchers the time it took to go down this very long road. Or maybe it will give others ideas for vulnerabilities we didn’t find. Vulnerebility blog Project Zero
12.12.18 50 CVEs in 50 Days: Fuzzing Adobe Reader The year 2017 was an inflection point in the vulnerability landscape. The number of new vulnerabilities reported that year was around 14,000, which is over twice the number from the year before (see table below). The probable reason for this is the increased popularity of automatic vulnerability finding tools, also known as “fuzzers”. Vulnerebility blog Checkpoint
12.12.18 Vulnerability Spotlight: Adobe Acrobat Reader DC text field remote code execution vulnerability Adobe Acrobat Reader DC contains a vulnerability that could allow an attacker to remotely execute code on the victim’s machine. If the attacker tricks the user into opening a specially crafted PDF with specific JavaScript, they could cause heap corruption. The user could also trigger this bug if they open a specially crafted email attachment. Vulnerebility blog Cisco Talos
12.12.18 Microsoft Patch Tuesday — December 2018: Vulnerability disclosures and Snort coverage Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 38 vulnerabilities, nine of which are rated “critical” and 29 that are considered “important.” There are no “moderate” or “low” vulnerabilities in this release. Vulnerebility blog Cisco Talos
5.12.18 Humble Bundle alerts customers to subscription reveal bug You’ll want to check your mailbox if you have a Humble Bundle account, as they’re notifying some customers of a bug used to gather subscriber information. Vulnerebility blog Malwarebytes
5.12.18 Adventures in Video Conferencing Part 1: The Wild World of WebRTC Over the past five years, video conferencing support in websites and applications has exploded. Facebook, WhatsApp, FaceTime and Signal are just a few of the many ways that users can make audio and video calls across networks. Vulnerebility blog Project Zero
4.12.18 Vulnerability Spotlight: Netgate pfSense system_advanced_misc.php powerd_normal_mode Command Injection Vulnerability Today, Cisco Talos is disclosing a command injection vulnerability in Netgate pfSense system_advanced_misc.php powerd_normal_mode. pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN, and more. Vulnerebility blog Cisco Talos
2.12.18 Wireshark update 2.6.5 available Wireshark version 2.6.5 is available: release notes. Vulnerebility blog SANS
21.11.18 Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Atlantis Word Processor Today, Cisco Talos is disclosing three remote code execution vulnerabilities in the Atlantis Word Processor. Atlantis Word Processor is a traditional word processor that provides a number of basic features for users, in line with what is in other similar types of software.  Vulnerebility blog Cisco Talos

19.11.18

Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN Cisco Talos is disclosing multiple vulnerabilities in the TP-Link TL-R600VPN router. TP-Link produces a number of different types of small and home office (SOHO) routers. Talos discovered several bugs in this particular router model that could lead to remote code execution. Vulnerebility blog Cisco Talos

15.11.18

FLARE VM Update

FLARE VM has gone through many major changes to better support our users’ needs.

Vulnerebility blog

FireEye

14.11.18 Microsoft Patch Tuesday – November 18 This month the vendor has patched 62 vulnerabilities, 13 of which are rated Critical. Vulnerebility blog Symantec
8.11.18

DJI Drone Vulnerability

Besides from consumers, though, it has also taken a large share of the corporate market, with customers coming from the critical infrastructure, manufacturing, agricultural, construction, emergency-management sectors and more. With so many customers worldwide, both consumer and corporate, DJI drones can obtain data and images from a wide range of viewpoints and across a large spectrum of subject matter. Vulnerebility blog Checkpoint
25.10.18 FLARE Script Series: Reverse Engineering WebAssembly Modules Using the idawasm IDA Pro Plugin We introduce idawasm, an IDA Pro plugin that provides a loader and processor modules for WebAssembly modules Vulnerebility blog FireEye

12.8.18

Faxploit: Sending Fax Back to the Dark Ages

Research By: Eyal Itkin and Yaniv Balmas Fax, the brilliant technology that lifted mankind out the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver..

Vulnerebility blog

Checkpoint

7.8.18

FakesApp: A Vulnerability in WhatsApp

Research By: Dikla Barda, Roman Zaikin and Oded Vanunu As of early 18, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groups and 65 billion messages sent...

Vulnerebility blog

Checkpoint

30.7.18

Scriptable Remote Debugging with Windbg and IDA Pro Required Background: Basic experience with virtual machines, i.e. creating a VM and installing an OS. The most technically involved it gets is setting up a working SSH server on one of the VMs Vulnerebility blog

Checkpoint

30.7.18

Remote Code Execution Vulnerability on LG Smartphones Research by: Slava Makkaveev Background A few months ago, Check Point Research discovered two vulnerabilities that reside in the default keyboard on all mainstream LG smartphone models (termed by LG as ‘LGEIME’). These... Vulnerebility blog Checkpoint

30.7.18

MMap Vulnerabilities – Linux Kernel By: Eyal Itkin As part of our efforts in identifying vulnerabilities in different products, from time to time we also review the Linux Kernel, mainly searching for vulnerabilities in different drivers. In this Vulnerebility blog

Checkpoint

30.7.18

NTLM Credentials Theft via PDF Files Just a few days after it was reported that malicious actors can exploit a vulnerability in MS outlook using OLE to steal a Windows user’s NTLM hashes, the Check Point research team can. Vulnerebility blog Checkpoint

30.7.18

Uncovering Drupalgeddon 2 By Eyal Shalev, Rotem Reiss and Eran Vaknin Abstract Two weeks ago, a highly critical (25/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 (SA-CORE-18-002 / CVE-18-7600), was disclosed by the Drupal security team. This vulnerability Vulnerebility blog

Checkpoint

30.7.18

Many Formulas, One Calc – Exploiting a New Office Equation Vulnerability By: Omer Gull and Netanel Ben Simon Background A few weeks ago, a vulnerability in the Office Equation 3.0 process (EQNEDT32.EXE) was discovered by Embedi. For a couple of reasons this event raised. Vulnerebility blog Checkpoint
30.7.18 Huawei Home Routers in Botnet Recruitment A Zero-Day vulnerability (CVE-2017-17215) in the Huawei home router HG532 has been discovered by Check Point Researchers, and hundreds of thousands of attempts to exploit it have already been found in the wild.. Vulnerebility blog

Checkpoint

30.7.18

“The Next WannaCry” Vulnerability is Here

This Tuesday, Microsoft released a security patch including 48 fixes, 25 of which are defined as “critical”. While Microsoft updates happen every month, this one reveals an especially dangerous vulnerability – CVE-2017-8620. Behind this dull.

Vulnerebility blog

Checkpoint

30.7.18

CrashOverride

On June 20th Check Point published an IPS signature providing virtual patching for the Siemens SIPROTEC DoS vulnerability. This IPS signature can help protect against a new malware, CrashOverride, also known as Industroyer–..

Vulnerebility blog

Checkpoint

30.7.18

Check Point Discloses Vulnerability that Allowed Hackers to Take over Hundreds of Millions of WhatsApp & Telegram Accounts

One of the most concerning revelations arising from the recent WikiLeaks publication is the possibility that government organizations can compromise WhatsApp, Telegram and other end-to-end encrypted chat applications. While this has yet to

Vulnerebility blog

Checkpoint

18

Announcing the Fifth Annual Flare-On Challenge

The FireEye Labs Advanced Reverse Engineering (FLARE) team’s annual reverse engineering challenge will start at 8:00 p.m. ET on Aug. 24, 18.

Vulnerebility blog

FireEye

18

BIOS Boots What? Finding Evil in Boot Code at Scale!

This post details the challenges FireEye faced examining boot records at scale and our solution to find evil boot records in large enterprise networks.

Vulnerebility blog

FireEye