Month: January 2017

MicrosoftSecurity

Does prevalence matter? A different approach to traditional antimalware test scoring

Most well-known antimalware tests today focus on broad-spectrum malware. In other words, tests include malware that is somewhat indiscriminate (isn’t necessarily targeted), at least somewhat prevalent and sometimes very prevalent. Typically, tests are not focused on specialized threats that are highly targeted, and most avoid including programs that walk the line between good and evil,…

IndependentSecuriteam

Know your community – Ionut Popescu


When we sponsored DefCamp Romania back in November 2016, I saw Ionut Popescu lecture “Windows shellcodes: To be continued” and thought to myself “He must be a key figure in the Romanian security community – I must interview him” so I did! Introduction: Ionut is working as a Senior Penetration Tester for SecureWorks Romania. Speaker …

IndependentSecuriteam

SSD Advisory – ZyXEL Enterprise Network Center and Vantage Centralized Network Management Multiple Vulnerabilities

Vulnerabilities Summary: The following advisory describes three (3) vulnerabilities found in ZyXEL Enterprise Network Center (version 1.3.218.61) and two (2) vulnerabilities found in ZyXEL Vantage Centralized Network Management (version 3.2). The three vulnerabilities found in ZyXEL Enterprise Network Center (version 1.3.218.61) are: Directory traversal and Command injection vulnerabilities leading to Remote Command Execution “ShowIcon” Servlet …

IndependentSecuriteam

SSD Advisory – dotCMS H2 Database Remote Code Execution

Vulnerabilities Summary: The following advisory describes an SQL Injection in dotCMS 3.6.0 H2 Database that allows attackers to achieve Remote Code Execution. Credit: An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response: We contacted the vendor back in December 2016 and they responded with: “H2 is not a …

IndependentSecuriteam

SSD Advisory – Icewarp, AfterLogic and MailEnable Code Injection


Vulnerabilities Summary: The following advisory describes three (3) vulnerabilities in Icewarp, AfterLogic and MailEnable Webmails. The three vulnerabilities found are: Afterlogic Webmail code injection; Icewarp Webmail code injection; MailEnable Webmail code injection. Credit: An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor Responses: AfterLogic: AfterLogic has released patch …
