Search results for: vulnerability

Researcher releases PoC for Windows VCF file RCE vulnerability

A vulnerability that exists in the way Windows processes VCard files (.vcf) can be exploited by remote attackers to achieve execute arbitrary code on vulnerable systems, security researcher John Page has shared. What’s a VCard? VCF is a standard file format used for storing contact information for individuals and businesses. They can contain the contact’s name, address, email address, phone number, their business or personal web page, etc. They are often used to quickly share … More

Vulnerability discovered in safety controller configuration software

Gjoko Krstic, an Applied Risk researcher, has discovered a vulnerability in Pilz PNOZmulti Configurator software that allows a local attacker to read sensitive data in clear-text. The software is used to configure safety controllers, providing the user with the ability to modify elements such as IP addresses, download and upload project files and run other setup functions. The tool can be found on engineering workstations which are used to configure safety controllers. The software is … More

Week in review: The lessons of Conficker, holiday season cybercrime, IoT vulnerability discovery

Here’s an overview of some of last week’s most interesting news and articles: Don’t accept risk with a pocket veto No security professional wants to accept risk. If we had our way, the organization would mitigate or avoid all risks. But that’s almost never the case in the real world. Risks often must be accepted. Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent The flaw affects Flash Player 31.0.0.148 and … More

Helping researchers with IoT firmware vulnerability discovery

John Toterhi, a security researcher with IoT security company Finite State, believes that many of the security problems plaguing IoT devices are solvable problems through transparency. “Manufacturers who make their firmware public and follow GPL practices are doing themselves a huge favor: by making firmware public, manufacturers are enabling a world-wide network of the best security talent to find bugs, disclose them responsibly, and improve security for their customers. Without this transparency they exclude so … More

High risk vulnerability discovered in Sauter CASE Suite building automation software

Applied Risk researcher, Gjoko Krstic, has identified a security vulnerability in the Sauter CASE Suite, a software package used to handle building automation projects with energy-efficient strategies and methods. The Sauter CASE Suite is a building management software that is used for project engineering and control functions of building management systems within both office and industrial environments. The application suffers from an XML External Entity (XXE) vulnerability, which can be used to cause a Denial … More

Businesses unprepared for Windows 10 migration, fear vulnerability to cyber threats

A new WinMagic study has found that organisations are largely unprepared for when support of older versions of Microsoft’s Windows OS will be withdrawn in January 2020. When questioned about their lack of readiness for the obligatory migration to Windows 10, respondents cited IT security and fears of being exposed to a cyber security vulnerability as two areas of concern. The study was carried out at IP Expo in London in October 2018. One hundred … More

Week in review: First-ever UEFI rootkit, Apple DEP vulnerability, new tactics subvert traditional security measures

Here’s an overview of some of last week’s most interesting news and articles: What do you mean by storage encryption? Depending on the threat context and how you define “storage encryption,” it can be a highly effective control or a complete waste of resources. Phorpiex bots target remote access servers to deliver ransomware Threat actors are brute-forcing their way into enterprise endpoints running server-side remote access applications and attempting to spread the GandCrab ransomware onto … More

Apple DEP vulnerability lets attackers access orgs’ resources, info

An authentication weakness in Apple’s ​Device Enrollment Program​ (DEP) may allow attackers to enroll any device into an organization’s Mobile Device Management server and, consequently, to obtain privileged access to the private resources of an organization or even full VPN access to internal systems. In addition to this, the provided DEP profile may contain information about the organization (email addresses, phone numbers) that could be used to mount successful social engineering attacks against company employees. … More

Crowdfense launches Vulnerability Research Hub for top security researchers

Crowdfense officially launched the Vulnerability Research Hub out of beta. After being internally developed and fine-tuned for several months, Crowdfense opened their process-oriented platform to a wider audience of researchers and brokers interested in trading 0day cyber capabilities, which can be both within the scope of Crowdfense public Bug Bounty Program or freely proposed (for a specific set of key targets). “This is our next step in standardizing and supporting the development of what has … More

Incorporating sensitive asset data into your vulnerability and compliance program

In this podcast recorded at Black Hat USA 2018, Tim White, Director of Product Management, Policy Compliance at Qualys, talks about the importance of incorporating inaccessible or sensitive asset data into your overall vulnerability and compliance program. Here’s a transcript of the podcast for your convenience. Hello, my name is Tim White. I’m director of product management for compliance at Qualys, and today I’m going to talk to you a little bit about the importance … More