Security News

RCE in CGI Servlet – Apache Tomcat on Windows – CVE-2019-0232

Full Disclosure - 4 May, 2019 - 14:22

Posted by Nightwatch Cybersecurity Research on May 04

[Original post:
https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/]

SUMMARY

Apache Tomcat has a vulnerability in the CGI Servlet which can be
exploited to achieve remote code execution (RCE). This is only
exploitable when running on Windows in a non-default configuration in
conjunction with batch files. The vendor released a fix in Tomcat
versions 7.0.94, 8.5.40...

[SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310)

Full Disclosure - 4 May, 2019 - 12:37

Posted by Matthias Deeg on May 04

Advisory ID: SYSS-2019-005
Product: ABUS Secvest (FUAA50000)
Manufacturer: ABUS
Affected Version(s): v3.01.01
Tested Version(s): v3.01.01
Vulnerability Type: Cryptographic Issues (CWE-310)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2019-03-15
Solution Date: -
Public Disclosure: 2019-05-02
CVE Reference: CVE-2019-9861
Authors of Advisory: Matthias Deeg, Gerhard Klostermeier (SySS GmbH)...

OneShield - Policy Solutions - Dragon Framework Persistent XSS in Framework Textboxes

Full Disclosure - 4 May, 2019 - 12:33

Posted by ghost on May 04

# Exploit Title: Dragon - Persistent XSS in Framework Textboxes
# Date: 12/28/2018
# Vendor Homepage: https://oneshield.com
# Software Link: https://oneshield.com/business-solutions/oneshield-pc-solutions/oneshield-policy/
# Version: 5.0, 5.1
# Tested on: 5.1
# Exploit Author: Josh Sheppard
# Exploit Contact: ghost () a t undervurse dot_com
# Exploit Technique: Remote
# CVE: CVE-2019-11643
1. Description
A persistent cross site scripting...

OneShield - Policy Solutions - Dragon Framework Log Poisoning

Full Disclosure - 4 May, 2019 - 12:33

Posted by ghost on May 04

# Exploit Title: Dragon - Log Poisoning
# Date: 12/28/2018
# Vendor Homepage: https://oneshield.com
# Software Link: https://oneshield.com/business-solutions/oneshield-pc-solutions/oneshield-policy/
# Version: 5.0, 5.1
# Tested on: 5.1
# Exploit Author: Josh Sheppard
# Exploit Contact: ghost () a t undervurse dot_com
# Exploit Technique: Remote
# CVE ID: CVE-2019-11642
1. Description
A log poisoning vulnerability has been discovered oin the...

Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution 0day

Full Disclosure - 4 May, 2019 - 12:30

Posted by hyp3rlinx on May 04

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/WINDOWS-POWERSHELL-ISE-FILENAME-PARSING-FLAW-RCE-0DAY.txt

[+] ISR: ApparitionSec
[+] Zero Day Initiative Program

[Vendor]
www.microsoft.com

[Product]
Windows PowerShell ISE

The Windows PowerShell Integrated Scripting Environment (ISE) is a host
application for Windows PowerShell.
In the ISE, you can run commands...

Vuln: dhcpcd CVE-2019-11766 Buffer Overflow Vulnerability

Security Focus Vulnerabilities - 3 May, 2019 - 23:00
dhcpcd CVE-2019-11766 Buffer Overflow Vulnerability

[Newsletter/Marketing] [ISN] Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are -- oh no, wait, it's Cisco again

Bug Traq - 3 May, 2019 - 06:07

Posted by InfoSec News on May 03

https://www.theregister.co.uk/2019/05/02/cisco_vulnerabilities/

By Iain Thomson in San Francisco
The Register
2 May 2019

Right on cue, Cisco on Wednesday patched a security vulnerability in some of
its network switches that can be exploited by miscreants to commandeer the IT
equipment and spy on people.

This comes immediately after panic this week over a hidden Telnet-based
diagnostic interface was found in Huawei gateways. Although that...

[Newsletter/Marketing] [ISN] Hundreds of Orpak gas station systems can be easily hacked thanks to hardcoded passwords

Bug Traq - 3 May, 2019 - 06:07

Posted by InfoSec News on May 03

https://techcrunch.com/2019/05/02/orpak-gas-station-password/

By Zack Whittaker
TechCrunch
May 2, 2019

Homeland Security’s cybersecurity agency says a popular gas station software
contains several security vulnerabilities that require “low skill” to exploit.

The advisory, posted by the Cybersecurity and Infrastructure Security Agency
(CISA), gave the Orpak SiteOmat software a rare vulnerability severity rating
of 9.8 out of 10....

[Newsletter/Marketing] [ISN] Executive Order on America's Cybersecurity Workforce

Bug Traq - 3 May, 2019 - 05:58

Posted by InfoSec News on May 03

https://www.whitehouse.gov/presidential-actions/executive-order-americas-cybersecurity-workforce/

Issued on: May 2, 2019

By the authority vested in me as President by the Constitution and the laws of
the United States of America, and to better ensure continued American economic
prosperity and national security, it is hereby ordered as follows:

Section 1. Policy. (a) America’s cybersecurity workforce is a strategic
asset that protects...

[Newsletter/Marketing] [ISN] Subscribing and Unsubscribing from InfoSec News

Bug Traq - 3 May, 2019 - 05:55

Posted by InfoSec News on May 03

Forwarded from: William Knowles <wk (AT) infosecnews.org>

Its come to my attention someone either subscribed or forwarded a day of
InfoSec News to Bugtraq as I've been fielding a number of nastygrams and
Tweets.

I am not personally subscribed to Bugtraq but would appreciate if you do plan
on emailing me to include your full email headers when mailing me such winning
emails like "GET ME OFF THIS F**KING SPAM LIST" or...

[Newsletter/Marketing] [ISN] Why local governments are a hot target for cyberattacks

Bug Traq - 3 May, 2019 - 05:54

Posted by InfoSec News on May 03

https://www.csoonline.com/article/3391589/why-local-governments-are-a-hot-target-for-cyberattacks.html

By Cynthia Brumfield
CSO
May 01, 2019

Over the course of the past few weeks, a seemingly stepped-up wave of malware
and ransomware infections has struck a number of municipalities across the U.S.

* On April 10, the city of Greenville, North Carolina, had to disconnect
most city-owned computers from the Internet due to what officials said...

[Newsletter/Marketing] [ISN] After account hacks, Twitch streamers take security into their own hands

Bug Traq - 3 May, 2019 - 05:50

Posted by InfoSec News on May 03

https://techcrunch.com/2019/04/30/twitch-account-hacks/

By Zack Whittaker
TechCrunch
April 30, 2019

Twitch has an account hacking problem.

After the breach of popular browser game Town of Salem in January, some 7.8
million stolen passwords quickly became the weakest link not only for the game
but gamers’ other accounts. The passwords were stored using a long-deprecated
scrambling algorithm, making them easily cracked.

It didn’t take...

[Newsletter/Marketing] [ISN] Spot the not-Fed: A day at AvengerCon, the Army's answer to hacker conferences

Bug Traq - 3 May, 2019 - 05:46

Posted by InfoSec News on May 03

https://arstechnica.com/information-technology/2019/05/spot-the-not-fed-a-day-at-avengercon-the-armys-answer-to-hacker-conferences/

By Sean Gallagher
Ars Technica
5/2/2019

FORT MEADE, Maryland -- Late last year, I was invited to a relatively new
hacker event in Maryland. Chris Eagle, a well-known researcher in the
field of malware analysis and author of The IDA Pro Book, keynoted it.
There were a number of really good talks at all levels of...

[Newsletter/Marketing] [ISN] Going Toe-to-Toe With Ukraine's Separatist Hackers

Bug Traq - 3 May, 2019 - 05:42

Posted by InfoSec News on May 03

https://foreignpolicy.com/2019/05/01/going-toe-to-toe-with-ukraines-separatist-hackers-cyber-russia/

By Elias Groll
Foreign Policy
May 1, 2019

The hacker realized that he was being watched.

The spy software he was attempting to run against the Ukrainian government had
infected the wrong machine, and now an analyst working for an American security
company was picking apart the program - known as RatVermin - trying to
understand how it...

[Newsletter/Marketing] [ISN] Hackers Steal and Ransom Financial Data Related to Some of the World's Largest Companies

Bug Traq - 3 May, 2019 - 05:41

Posted by InfoSec News on May 03

https://motherboard.vice.com/en_us/article/d3np4y/hackers-steal-ransom-citycomp-airbus-volkswagen-oracle-valuable-companies

By Joseph Cox
Motherboard.vice.com
April 30, 2019

Hackers have broken into an internet infrastructure firm that provides services
to dozens of the world's largest and most valuable companies, including Oracle,
Volkswagen, Airbus, and many more as part of an extortion attempt, Motherboard
has learned. The attackers...

[Newsletter/Marketing] [ISN] DHS Orders Agencies to Patch Critical Vulnerabilities Within 15 Days

Bug Traq - 3 May, 2019 - 05:39

Posted by InfoSec News on May 03

https://www.securityweek.com/dhs-orders-agencies-patch-critical-flaws-within-15-days

By Eduard Kovacs
SecurityWeek
May 01, 2019

The U.S. Department of Homeland Security (DHS) this week issued a new Binding
Operational Directive (BOD) instructing federal agencies and departments to act
more quickly when it comes to patching serious vulnerabilities in
internet-exposed systems.

Specifically, BOD 19-02 gives government organizations 15 days to...

[Newsletter/Marketing] [ISN] Wall Street spending big to protect against hacking: report

Bug Traq - 3 May, 2019 - 05:36

Posted by InfoSec News on May 03

https://nypost.com/2019/05/01/wall-street-spending-big-to-protect-against-hacking-report/

By Kevin Dugan
New York Post
May 1, 2019

Wall Street’s biggest companies are pumping more cash into cybersecurity, as
the industry’s brass openly frets that hackers are the next major threat to the
financial system.

Financial middlemen like stock exchanges, clearinghouses and payment processors
spent as much as $3,600 per full-time employee on...

[Newsletter/Marketing] [ISN] MITRE asks vendors to do more to detect stealthy hacks

Bug Traq - 3 May, 2019 - 05:27

Posted by InfoSec News on May 03

https://www.cyberscoop.com/mitre-asks-vendors-detect-stealthy-hacks/

By Sean Lyngaas
CYBERSCOOP
MAY 1, 2019

As hackers continue to use native programming tools to blend into target
networks, Mitre Corp. is beginning to test vendors’ ability to detect those
techniques.

The federally-funded, not-for-profit organization announced Wednesday it would
throw the stealthy tactics of an infamous hacking group, the
Russian-government-linked APT29,...

[Newsletter/Marketing] [ISN] Attackers Used Red-Team, Pen-Testing Tools to Hack Wipro

Bug Traq - 3 May, 2019 - 05:24

Posted by InfoSec News on May 03

https://www.darkreading.com/attacks-breaches/attackers-used-red-team-pen-testing-tools-to-hack-wipro/d/d-id/1334586

By Robert Lemos
Dark Reading
5/1/2019

The breach of outsourcing firm Wipro is a cybercriminal operation using tools
common to red teams and penetration testers and has likely been active as far
back as 2015, according to an analysis published by threat-intelligence firm
Flashpoint.

The group behind the breach has links to a...

2019 Public Bug bounty launched

Bug Traq - 3 May, 2019 - 05:21

Posted by Reports on May 03

Greetings *,

We are happy to say that we are live with our public bug bounty located
at http://bugbounty.firosolutions.com,

We welcome everyone to participate and hack the bug bounty.

Ciao!

Firo Solutions Staff
Syndicate content