SecuriTeam Secure Disclosure – Page 21 – Computer Security Articles

Credit to Author: Maor Schwartz| Date: Wed, 19 Apr 2017 13:52:33 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Linksys EA, XAC and AC series devices. The vulnerabilities has been found in the way the Linksys devices (EA, XAC and AC series) handle the Point-to-point protocol over Ethernet (PPPoE) Discovery (PPPoED) process allowing an unprivileged active attacker on the same network segment (layer2) … Continue reading SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Ubuntu LightDM Guest Account Local Privilege Escalation

April 18, 2017 admin Privilege Escalation, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Tue, 18 Apr 2017 10:00:24 +0000

Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform that runs everywhere from IoT devices, the smartphone, the tablet and the PC to the server and the cloud. LightDM is an X display manager that aims to be lightweight, … Continue reading SSD Advisory – Ubuntu LightDM Guest Account Local Privilege Escalation

Independent Securiteam

Know your community – Yasser Ali

April 18, 2017 admin Know your community, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Tue, 18 Apr 2017 08:05:29 +0000

Today we have the honor to interview Yasser Ali! “Hall of Fame” member in PayPal / Ebay / Microsoft / Sony / Facebook and more, Security Manager at BugBountyHQ ‏(Bug Bounty Platform company), Senior Security Specialist at Deloitte and well known researcher. Questions Q: How many years have you been involved in the security field, … Continue reading Know your community – Yasser Ali

Independent Securiteam

Hack2Win – VXCON Hong-Kong

April 13, 2017 admin Conferences, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Thu, 13 Apr 2017 08:34:07 +0000

Hi everyone, We have decided this year to not only sponsor VXCON, but also to have a IoT hacking-village! Will let you win prizes and show your skills in hacking network based devices. We have selected 7 devices for you to try and hack. The goal of the event is to find who is able … Continue reading Hack2Win – VXCON Hong-Kong

Independent Securiteam

Know your community– Tessy (Takayuki Terashima)

April 12, 2017 admin Commentary, Know your community, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Wed, 12 Apr 2017 13:07:37 +0000

Takayuki Terashima, also known as Tessy (@tessy_jp), is one of AVTOKYO founder, Vice Executive Committee Chairman at SecCon and CTF team leader! Questions Q: How many years have you been involved in the security field, what was your motivation to get into it the first place? A: About 16 years. I started to work for … Continue reading Know your community– Tessy (Takayuki Terashima)

Independent Securiteam

SSD Advisory – Sentora Web Hosting Control Panel Multiple Vulnerabilities

April 11, 2017 admin Code Execution, Privilege Escalation, SecuriTeam Secure Disclosure

Credit to Author: noam| Date: Tue, 11 Apr 2017 10:23:24 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Sentora Web Hosting Control Panel that lead to remote code execution. Sentora is a free to download and use web hosting control panel developed for Linux, UNIX and BSD based servers or computers. The Sentora software can turn a domestic or commercial server into … Continue reading SSD Advisory – Sentora Web Hosting Control Panel Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Horde Groupware Webmail Multiple Remote Code Execution Vulnerabilities

April 9, 2017 admin Code Execution, Remote Code Execution, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Sun, 09 Apr 2017 10:28:46 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Horde Groupware Webmail. Horde Groupware Webmail Edition is a free, enterprise ready, browser based communication suite. Users can read, send and organize email messages and manage and share calendars, contacts, tasks, notes, files, and bookmarks with the standards compliant components from the Horde Project. … Continue reading SSD Advisory – Horde Groupware Webmail Multiple Remote Code Execution Vulnerabilities

Independent Securiteam

Know your community – Stefan Esser

April 5, 2017 admin Know your community, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Wed, 05 Apr 2017 07:22:14 +0000

One of the first names I knew of when I entered into the security field was Stefan Esser (@i0n1c). The guy that dropped 10 0-days in 2013 during SyScan, Founder of SektionEins GmbH, CEO of Antid0te UG, Speaker in all major security conferences and today’s one of the most talented security researchers. I had the … Continue reading Know your community – Stefan Esser