Smashing Security podcast #279: Encrypted notes, and a deadly case of AirTag spying

Read Time:18 Second

How did a saxophonist sneak sensitive information in and out of the Soviet Union? How might an Apple AirTag have led to murder? And isn’t the world of cryptocurrency and blockchain doing just great?

All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

Read More

Nebulon bakes bare-metal Linux ransomware protection into the bootloader

Read Time:41 Second

Smart infrastructure vendor Nebulon today announced that its latest offerings provide newly hardened backups for configuration and snapshots, in an effort to add a new tool to the antiransomware arsenal for Linux systems.

The idea, according to Nebulon, is to protect against the problem of misconfigured servers and dated server configurations in Linux systems. This is a particularly serious problem in IT shops where configuration and patch management aren’t handled in a centrally organized way.

Nebulon’s new service works using the same principle as its existing smart infrastructure offerings, which are delivered via PCIe cards—here, the system periodically writes “known-good” configurations of the bootloader to the system, which can’t be touched by ransomware attackers, according to Gartner Research senior director and analyst Tony Harvey.

To read this article in full, please click here

Read More

CVE-2017-20050

Read Time:15 Second

A vulnerability has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007 and classified as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component.

Read More

CVE-2017-20049

Read Time:15 Second

A vulnerability, which was classified as critical, was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component.

Read More

CVE-2017-20048

Read Time:20 Second

A vulnerability, which was classified as critical, has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this issue is some unknown functionality of the component Script Editor. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.

Read More

CVE-2017-20047

Read Time:17 Second

A vulnerability classified as problematic was found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.

Read More

CVE-2017-20046

Read Time:14 Second

A vulnerability classified as problematic has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. It is recommended to upgrade the affected component.

Read More

USN-5481-1: BlueZ vulnerabilities

Read Time:12 Second

It was discovered that BlueZ incorrectly validated certain capabilities
and lengths when handling the A2DP profile. A remote attacker could use
this issue to cause BlueZ to crash, resulting in a denial of service, or
possibly execute arbitrary code.

Read More

[R1] Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities

Read Time:45 Second

[R1] Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities
Arnie Cabral
Wed, 06/15/2022 – 12:36

Custom audit files bring tremendous power and flexibility when assessing the configuration of your assets. Two separate vulnerabilities that utilize this custom Audit functionality were identified, reported and fixed. With the release of Nessus Agent 10.1.4, Tenable has mitigated the reported issues by enabling the ability to sign and verify custom audit files.

1. CVE-2022-32973 – An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges.
2. CVE-2022-32974 – An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.

Additional details on the custom audit signing functionality can be found here: https://community.tenable.com/s/article/Audit-Signing-Overview

Read More