What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
2020-08-20 12:18:29 Vulnerability Spotlight: Internet Systems Consortium BIND server DoS (direct link) Emanuel Almeida of Cisco Systems discovered this vulnerability. Blog by Jon Munshaw. The Internet Systems Consortium's BIND server contains a denial-of-service vulnerability that exists when processing TCP traffic through the libuv library. An attacker can exploit this vulnerability by flooding the TCP port and forcing the service to terminate. The BIND nameserver is considered the reference implementation of the Domain Name System of the internet. It is capable of being an authoritative name... Vulnerability
2020-08-10 08:01:33 Barbervisor: Journey developing a snapshot fuzzer with Intel VT-x (direct link) By Cory Duplantis. One of the ways vulnerability researchers find bugs is with fuzzing. At a high level, fuzzing is the process of generating and mutating random inputs for a given target to crash it. In 2017, I started developing a bare metal hypervisor for the purposes of snapshot fuzzing: fuzzing small subsets of programs from a known, static starting state. This involved working on a custom kernel that could be booted on bare metal. Having not done any operating system development before,... Vulnerability
2020-08-04 07:00:39 Vulnerability Spotlight: Arbitrary file deletion in SoftPerfect RAM Disk (direct link) Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos researchers recently discovered that a specific driver in the SoftPerfect RAM disk could allow an adversary to delete files on an arbitrary basis. SoftPerfect RAM Disk is a high-performance RAM disk application that allows the user to store a disk from their computer on the device's space. An attacker could exploit this vulnerability to point to a specific filepath and then delete that file. In... Vulnerability
2020-07-31 11:52:09 Vulnerability Spotlight: Microsoft issues security update for Azure Sphere (direct link) Claudio Bozzato, Lilith >_> and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered seven vulnerabilities in Microsoft's Azure Sphere, a cloud-connected SoC platform designed specifically with IoT application security in mind. The infrastructure around the Azure Sphere platform is Microsoft's Azure Sphere cloud, which takes care of secure updates, app deployment, and periodically verifying the device integrity.... Vulnerability
2020-07-14 13:04:52 Vulnerability Spotlight: Multiple vulnerabilities in RemoteFX affects, AMD, Intel chips (direct link) Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Intel's Graphics Accelerator Driver and in an AMD Radeon driver. The Intel driver was released in 2019 and is used in multiple Intel integrated and non-integrated GPUs. It is likely that an attacker could use these vulnerabilities to exploit users remotely. The vulnerability could also be used to escape out of a Hyper-V virtual machine to access the host... Vulnerability
2020-07-10 08:52:15 Vulnerability Spotlight: SQL injection vulnerability in Glacies IceHRM (direct link) Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos researchers recently discovered that the Glacies' IceHRM software contains a vulnerability that could allow an adversary to inject SQL. IceHRM is a human resource management tool, allowing users to create and track timesheets for employees, upload documents and manage payroll. An attacker could send the software a specially crafted HTTP request, which can open the door for SQL injection. This could... Vulnerability
2020-07-06 14:19:53 New Snort rule addresses critical vulnerability in F5 BIG-IP (direct link) By Jon Munshaw. Cisco Talos just released Snort coverage for a prominent vulnerability in F5's BIG-IP. BIG-IP is one of the most popular networking products on the modern market. This product is used to shape web traffic, access gateways, limit rates and much more. F5 disclosed a remote code execution over the weekend that was assigned a maximum 10 out of 10 severity score. CVE-2020-5902 is a remote code execution vulnerability in BIG-IP's configuration interface. Users are urged to make... Vulnerability
2020-07-02 11:00:02 Threat Source newsletter for July 2, 2020 (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Our latest research you should catch up on is the Valak malware. This information-stealer sneaks its way onto victim machines by hijacking legitimate email threads. The threat actors send their phishing emails and attachments in email threads, hoping to trick users into thinking they're legitimate. We also have two vulnerability spotlights that alert users to patches you should make now. One is an information leak in Mozilla... Vulnerability Threat
2020-07-02 09:13:04 Vulnerability Spotlight: Google Chrome PDFium memory corruption vulnerability (direct link) Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The PDF renderer inside Google Chrome, known as PDFium, contains a memory corruption vulnerability that could be exploited by an adversary. PDFium is open-source software that is utilized in the Chrome browser and other applications. The software supports the use of JavaScript embedded inside PDFs and other specially crafted documents could corrupt the memory of the application, allowing an adversary to... Vulnerability
2020-07-01 13:07:36 Vulnerability Spotlight: Remote code execution vulnerabilities in LEADTOOLS 20 (direct link) Cory Duplantis of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a remote code execution vulnerability in the LEADTOOLS line of imaging toolkits. LEADTOOLS is a collection of toolkits designed to perform a variety of functions aimed at integrating documents, multimedia and imaging technologies into applications. All of the software is produced by LEAD Technologies Inc. LEADTOOLS offers prebuilt and portable libraries with an SDK for most... Vulnerability Guideline
2020-07-01 12:51:55 Vulnerability Spotlight: Information disclosure vulnerability in Mozilla Firefox (direct link) Marcin "Icewall" Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an information disclosure vulnerability in Mozilla Firefox. An attacker can exploit this bug by tricking a user into visiting a specially crafted web page through the browser. If successful, the adversary could use leaked memory to bypass ASLR and, in combination with other vulnerabilities, obtain the ability to execute arbitrary code. In accordance with our coordinated... Vulnerability
Last update at: 2024-07-15 08:08:31