Wednesday, June 19, 2019

VU#576688: Microsoft Windows RDP Network Level Authentication can bypass the Windows lock screen

Microsoft Windows Remote Desktop supports a feature called Network Level Authentication (NLA), which moves the authentication aspect of a remote session from the RDP layer to the network layer. The use of NLA is recommended to reduce the attack surface of systems...

VU#877837: Multiple vulnerabilities in Quest (Dell) Kace K1000 Appliance

CVE-2018-5404: The Dell Kace K1000 Appliance allows an authenticated, remote attacker with least privileges ('User Console Only' role) to potentially exploit multiple Blind SQL Injection vulnerabilities to retrieve sensitive information from the database or copy the entire database. (CWE-89) CVE-2018-5405: The Dell Kace K1000...

VU#119704: Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability

Task Scheduler is a set of Microsoft Windows components that allows for the execution of scheduled tasks. The front-end components of Task Scheduler, such as schtasks.exe, are interfaces that allow for users to view, create, and modify scheduled tasks. The back-end part of...

VU#400865: Cisco Trust Anchor module (TAm) improperly checks code and Cisco IOS XE web UI does not sanitize user input

CVE-2019-1649: Secure Boot Tampering, also known as Thrangrycat. The logic that handles the access controls to TAm within Cisco's Secure Boot improperly checks an area of code that manages the Field Programmable Gate Array (FPGA). The TAm is a proprietary hardware chip...

VU#169249: PrinterLogic Print Management Software fails to validate SSL certificates or the integrity of software updates.

PrinterLogic versions up to and including are vulnerable to multiple attacks. The PrinterLogic agent, running as SYSTEM, does not validate the PrinterLogic Management Portal's SSL certificate, validate PrinterLogic update packages, or sanitize web browser input. CVE-2018-5408: The PrinterLogic Print Management software does not...

VU#166939: Broadcom WiFi chipset drivers contain multiple vulnerabilities

Vulnerabilities in the open source brcmfmac driver: CVE-2019-9503: If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and not be processed. If the driver receives the firmware...

VU#871675: Multiple vulnerabilities identified in WPA3 protocol design and implementations of hostapd and wpa_supplicant components

CERT continues to review the WPA3 protocol in support of this body of research. The root cause of the numerous "implementation" vulnerabilities may involve modifying the protocol. WPA3 uses Simultaneous Authentication of Equals (SAE), also known as Dragonfly Key Exchange, as the initial key...

VU#192371: Multiple VPN applications insecurely store session cookies

Virtual Private Networks (VPNs) are used to create a secure connection with another network over the internet. Multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. CWE-311: Missing Encryption of Sensitive Data The following products and...

VU#174715: MyCar Controls uses hard-coded credentials

MyCar is a small aftermarket telematics unit from AutoMobility Distribution Inc. MyCar adds smartphone-controlled geolocation, remote start/stop and lock/unlock capabilities to a vehicle with a compatible remote start unit. The MyCar Controls mobile application contains hard-coded admin credentials (CWE-798) which can be...

VU#730261: Marvell Avastar wireless SoCs have multiple vulnerabilities

A presentation at the ZeroNights 2018 conference describes multiple security issues with Marvell Avastar SoCs (models 88W8787, 88W8797, 88W8801, and 88W8897). The presentation provides some detail about a block pool memory overflow. During Wi-Fi network scans, an overflow condition can be triggered, overwriting certain block...

VU#395981: Self-encrypting hard drives do not adequately protect data

CVE-2018-12037: There is no cryptographic relation between the password provided by the end user and the key used for the encryption of user data. This can allow an attacker to access the key without knowing the password provided by...

VU#465632: Microsoft Exchange 2013 and newer are vulnerable to NTLM relay attacks

Microsoft Exchange supports an API called Exchange Web Services (EWS). One of the EWS API functions is called PushSubscription, which can be used to cause the Exchange server to connect to an arbitrary website. Connections made using the PushSubscription feature will...

VU#756913: Pixar Tractor contains a stored cross-site scripting vulnerability

Pixar's Tractor software, versions 2.2 and earlier, contains a stored cross-site scripting vulnerability (CWE-79) in the field that allows a user to add a note to an existing node. The stored information is displayed when a user requests information about the node. An...

VU#741315: Dokan file system driver contains a stack-based buffer overflow

CWE-121: Stack-based Buffer Overflow - CVE-2018-5410 Dokan, versions between and, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the...

VU#531281: Microsoft Windows DNS servers are vulnerable to heap overflow

CWE-122: Heap-based Buffer Overflow - CVE-2018-8626 Microsoft Windows Domain Name System (DNS) servers are vulnerable to heap overflow attacks. Microsoft acknowledges that "an attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account." This remote code...

How AI-enhanced malware poses a threat to your organization

Malware controlled by artificial intelligence could create more convincing spam, avoid security detection, and better adapt itself to each target, says a new report from Malwarebytes.

Tech news roundup: HPE Discover 2019, Facebook’s Libra cryptocurrency, and Google Cloud’s debacle

This week's TechRepublic and ZDNet news stories include a look at the companies that hire the most data scientists, four significant impacts of a security breach, and a first-hand account of a major hack job.
SC Magazine

ACLU tells Ga. Supreme Court Fourth Amendment should apply to personal data stored by cars

Fourth Amendment protections should apply to personal data in a car’s Event Data Recorder, the American Civil Liberties Union (ACLU) will argue before the Georgia Supreme Court today. The state’s high court is hearing oral arguments in Mobley v. State, which challenges law...
PC Mag

Can Anything Protect Us From Deepfakes?

Along with fake news, forged videos have become a national security concern, especially as the 2020 presidential elections draw near. Researchers at the University of Surrey have developed a solution that might solve the problem.

How Hackers Emptied Church Coffers with a Simple Phishing Scam

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.