By Matthew Toussain, Geoff Pamerleau Data! DATA!! DATA!!! So much data” an endlessly grueling component of every information security practitioner’s job description is data analysis. Often, digging through an environment for vulnerabilities or configuration flaws involves scrounging through reams of log data. It is not uncommon to find your eyes glazing over while staring at … Continue reading Pen Test Poster: “White Board" – Bash – Make Output Easier to Read
As Cybersecurity/Infosec Professionals we know that all you have to do is wait 30 seconds and someone else has been breached and two new vulnerabilities have been discovered (hypothetically of course). There are few jobs on Earth that see the constantly evolving challenges that we get the privilege to deal with. This constant state of … Continue reading Opening a Can of Active Defense and Cyber Deception to Confuse and Frustrate Attackers
Siemens line RUGGEDCOM NMS products suffers from vulnerabilities that could allow an attacker to perform administrative actions.
Link: https://threatpost.com/siemens-ruggedcom-nms-equipment-vulnerable-to-csrf-xss/123977/
Cisco AnyConnect Secure Mobility Client 4.3.04027 – Privilege Escalation
Adobe Acrobat Dc is prone to a local code-execution vulnerability.This allows a local attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
Link: http://www.securiteam.com/securitynews/5JP3G20KKU.html
vim before patch 8.0.0056 does not properly validate values for the ‘filetype’, ‘syntax’ and ‘keymap’ options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
Link: http://www.securiteam.com/securitynews/5RP3N20KLA.html
Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
Link: http://www.securiteam.com/securitynews/5QP3M20KLS.html
SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366.
Link: http://www.securiteam.com/securitynews/5PP3L20KLK.html