Security conferences – Survival guide 2017 Q2


As we promised, the security conferences “Survival guide” for 2017 Q2 is here! For each conference, we have gathered the following information: dates, place, link to the official conference website, ticket price, lectures and workshops.

So let’s get started:

Security conferences – Survival guide part 2

Infiltrate
Dates: 6-7 April 2017
Place: Fontainebleau Miami, Florida US …

SSD Advisory – NCurses 5.9 Local Privilege Escalation

Vulnerability Summary
The following advisory describes a Local Privilege Escalation vulnerability in NCurses, version 5.9.

Credit
An independent security researcher, Dawid Golunski (https://legalhackers.com/), has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Responses
NCurses has released a patch to address the vulnerability. Thomas Dickey has also added the following statement: “I don’t …

SSD Advisory – IBM WebSphere Portal Cross-Site Scripting (XSS)

Vulnerabilities Summary
The following advisory describes a Cross-Site Scripting (XSS) vulnerability found in WebSphere Portal version 8.0.0.1. IBM WebSphere Portal products provide enterprise web portals that help companies deliver a highly personalized, social experience for their customers. WebSphere Portal products give users a single point of access to the applications, services, information and social connections they …

Know your community – Beist (SeungJin Lee)


In our last “Know your community” blog post we interviewed Ionut Popescu from Romania. Today we had the honor to interview Beist (SeungJin Lee)!

Introduction
SeungJin Lee, known as Beist, is a 32-year-old security researcher from South Korea. Beist is the founder of GrayHash (a pen-testing company) and a highly regarded security researcher who found …

SSD Advisory – SAP Afaria SQL Injection

Vulnerabilities Summary
The following advisory describes SQL injection vulnerabilities in SAP Afaria Service Pack 4 HotFix 15 that can lead to arbitrary code execution.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Responses
SAP Afaria has released a patch to address the vulnerability – SP5 …

Know your community – Ionut Popescu


When we sponsored DefCamp Romania back in November 2016, I saw Ionut Popescu’s lecture “Windows shellcodes: To be continued” and thought to myself, “He must be a key figure in the Romanian security community – I must interview him”, so I did!

Introduction
Ionut is working as a Senior Penetration Tester for SecureWorks Romania. Speaker …

SSD Advisory – ZyXEL Enterprise Network Center and Vantage Centralized Network Management Multiple Vulnerabilities

Vulnerabilities Summary
The following advisory describes three (3) vulnerabilities found in ZyXEL Enterprise Network Center (version 1.3.218.61) and two (2) vulnerabilities found in ZyXEL Vantage Centralized Network Management (version 3.2).

The three vulnerabilities found in ZyXEL Enterprise Network Center (version 1.3.218.61) are:
Directory traversal and Command injection vulnerabilities leading to Remote Command Execution
“ShowIcon” Servlet …
