You searched for vulnerability

PACER vulnerability allowed hackers to access legal docs while sticking others with the bill

August 10, 2017
PACER
USA
vulnerability

A CSRF flaw that made it possible for attackers to access court documents on the PACER system while making legitimate users pay for it has finally been plugged. What is PACER? PACER is an electronic public access service of United States federal court documents – briefs, memos, orders, opinions, etc. It is mostly used by lawyers, and to a lesser extent by journalists, but one has to have an account open with the service, and … More →

US DOJ publishes guidelines for setting up a vulnerability disclosure program

Instituting a vulnerability disclosure program (aka bug bounty program) that won’t blow up in the organization’s face can be a daunting task. Some will prefer to enlist outside experts to advise them on how to do it, and others will want to rely on their own IT or security department. For the latter, here’s some good news: the US Department of Justice has just released a guidance document for adopting a vulnerability disclosure program for … More →

Apple patches critical Broadpwn vulnerability in its various OSes

July 20, 2017
Apple
iOS
macOS

Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed Webkit flaws abound in all of the updates, as it is the web browser engine used by Safari, App Store, and many other applications. Among the other plugged holes a few stand out, for various reasons: Among the WebKit flaws, there’s one disclosed to Apple by the UK’s National Cyber … More →

EternalBlue vulnerability scanner statistics reveal there are exposed hosts worldwide

After the recent massive WannaCry ransomware campaign, Elad Erez, Director of Innovation at Imperva, was shocked at the number of systems that still sported the Microsoft Windows SMB Server vulnerabilities that made the attack possible. So, he decided to do something about it: he created Eternal Blues, an easy-to-use vulnerability scanner that he made available for download for free. The tool does one single thing: it scans computers for the aforementioned vulnerabilities, and lets users … More →

Eternal Blues: A free EternalBlue vulnerability scanner

It is to be hoped that after the WannaCry and NotPetya outbreaks, companies will finally make sure to install – on all their systems – the Windows update that patches SMB vulnerabilities leveraged by the EternalBlue and EternalRomance exploits. These exploits are currently available to practically any hacker who might want to use them, and protecting systems against them should be a must for every organization. But while bigger ones might have an IT department … More →

Azure AD Connect vulnerability allows attackers to reset admin passwords

A vulnerability in Azure AD Connect could be exploited by attackers to reset passwords and gain unauthorized access to on-premises AD privileged user accounts, Microsoft warned on Tuesday. What are Azure AD and Azure AD Connect? Microsoft Azure AD (Active Directory) is often used by enterprises to provide employees and business partners single sign-on access to cloud SaaS Applications (e.g. Office365, DropBox, etc.). It can also be integrated with an organization’s existing Windows Server Active … More →

For timely vulnerability information, unofficial sources are a better bet

June 7, 2017
CVE
dark web
NIST

From over 12,500 disclosed Common Vulnerabilities and Exposures (CVEs), more than 75% were publicly reported online before they were published to the NIST’s centralized National Vulnerability Database (NVD), Recorded Future researchers have found. The data, taken from the beginning of 2016, showed that the median lag was seven days between a CVE being revealed to ultimately being published on the NIST’s NVD. This time lag also significantly differed between vendor announcements and NVD publishing, with … More →

Vulnerability affecting 1,000+ apps is exposing terabytes of data

A newly discovered backend data exposure vulnerability, dubbed HospitalGown, highlights the connection between mobile apps and insecure backend databases. Appthority documented more than 1,000 apps with this vulnerability, and researched in detail 39 applications with big data leaks, which exposed an estimated 280 million records. These records were accessible as a result of weakly secured backends and did not require authentication of any kind to access the data. “HospitalGown poses a direct risk to enterprises, … More →

Vulnerability opens FreeRADIUS servers to unauthenticated attackers

A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS. There is currently no indication that the flaw is being exploited in the wild, but as the existence of the flaw has been made public, the likelihood of attacks rises. The good news is the FreeRADIUS Development Team has plugged the hole in version 3.0.14 of the FreeRADIUS suite (pushed out on Friday), … More →

Joomla users: Update immediately to kill severe SQLi vulnerability

May 18, 2017
CMS
exploit
joomla

Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher Marc-Alexandre Montpas: “The vulnerability is caused by a new component, com_fields, which was introduced in version 3.7. This vulnerable component is publicly accessible, which means this issue can be exploited by any malicious individual visiting your site.” Sucuri has published technical details about the vulnerability on Wednesday, in the … More →