SSD Advisory – Mac OS X 10.12 Quarantine Bypass

Credit to Author: SSD / Noam Rathaus | Date: Thu, 28 Sep 2017 20:52:32 +0000

Vulnerability summary: Mac OS X contains a vulnerability that allows bypassing of the Apple Quarantine and the execution of arbitrary JavaScript code without any restrictions. Credit: A security researcher from WeAreSegment, Filippo Cavallarin, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response: Apple has been notified on the 27th of June …

SSD Advisory – Netgear ReadyNAS Surveillance Unauthenticated Remote Command Execution

Credit to Author: SSD / Maor Schwartz | Date: Wed, 27 Sep 2017 11:19:30 +0000

Vulnerability summary: The following advisory describes an Unauthenticated Remote Command Execution vulnerability found in Netgear ReadyNAS Surveillance. Netgear ReadyNAS Surveillance – Small businesses and corporate branch offices require a secure way to protect physical assets, but often lack the security expertise or big budget that most solutions require. With these challenges in mind, NETGEAR introduces …

SSD Advisory – FLIR Systems Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz | Date: Sun, 24 Sep 2017 09:26:54 +0000

Vulnerabilities Summary: The following advisory describes 5 (five) vulnerabilities found in FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series. FLIR – “Best-in-class thermal cameras with on-board analytics for high-performance intrusion detection. The new FC-Series ID combines best-in-class thermal image detail and high-performance edge perimeter analytics together in a single device that delivers optimal …

SSD Advisory – Sentora / ZPanel Password Reset Vulnerability

Credit to Author: SSD / Maor Schwartz | Date: Sun, 24 Sep 2017 07:58:32 +0000

Vulnerability Summary: The following advisory describes a password reset vulnerability found in Sentora / ZPanel. Sentora is “a free to download and use web hosting control panel developed for Linux, UNIX and BSD based servers or computers. The Sentora software can turn a domestic or commercial server into a fully fledged, easy to use and manage …

SSD Advisory – NEXXT Authentication Bypass

Credit to Author: SSD / Maor Schwartz | Date: Sun, 17 Sep 2017 09:02:04 +0000

Vulnerability Summary: The following advisory describes an authentication bypass found in NEXXT routers. NEXXT Connectivity Solutions develops “state of the art networking devices that help connect people and things together, at home, the office and virtually everywhere”. Credit: An independent security researcher, Netfairy, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor …

SSD Advisory – Hanbanggaoke IP Camera Arbitrary Password Change

Credit to Author: SSD / Maor Schwartz | Date: Mon, 11 Sep 2017 13:49:23 +0000

Vulnerability summary: The following advisory describes an arbitrary password change vulnerability found in Hanbanggaoke webcams. Beijing Hanbang Technology, “one of the first enterprises entering into digital video surveillance industry, has been focusing on R&D of products and technology of digital video surveillance field. While providing product and technical support, it also provides overall solution for …

SSD Advisory – McAfee LiveSafe MiTM Registry Modification leading to Remote Command Execution

Credit to Author: SSD / Maor Schwartz | Date: Thu, 07 Sep 2017 06:14:58 +0000

Vulnerabilities Summary: The following advisory describes a Remote Code Execution vulnerability found in McAfee LiveSafe (MLS) versions prior to 16.0.3. The vulnerability allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response. McAfee Security Scan Plus is a free diagnostic tool that ensures you are protected from …

I run this SOC!

Credit to Author: dmitryc | Date: Tue, 05 Sep 2017 19:35:20 +0000

I don’t actually run this SOC (or any other) 🙂 But…but, as a certified “blue team” member, I’m pretty excited with the crop of new companies and ideas that are springing up in the area of SOC analysis, Deception technology, Lateral/external movement, etc. Some of the cool new(ish) vendors that I am falling deeply in …
