Independent – Page 454 – Computer Security Articles

Vulnerability Summary The following report describes a remote code execution vulnerability found in ZendMail. The vulnerability allows an attacker injecting additional parameters to the sendmail binary via the From address. Credit An independent security researcher Dawid Golunski (https://legalhackers.com/) has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vulnerability Details “ZendMail provides generalized functionality … Continue reading SSD Advisory – ZendMail Remote Code Execution Vulnerability →

Independent Securiteam

January 23, 2017 admin

SSD Advisory – ZyXEL / Billion Multiple Vulnerabilities

Vulnerability Summary The following advisory describes four (4) vulnerabilities and default accounts / passwords in ZyXEL / Billion customized routers. TrueOnline is a major Internet Service Provider in Thailand that provides customized versions of routers to its customers, free of charge. The routers are manufactured by ZyXEL and Billion runs a special Linux distribution called … Continue reading SSD Advisory – ZyXEL / Billion Multiple Vulnerabilities →

Independent Securiteam

January 23, 2017 admin

SSD Advisory – EasyIO Multiple Vulnerabilities

Vulnerability Summary The following advisory describes three (3) vulnerabilities that allow to an attacker to gain unauthenticated remote code execution. EasyIO provides products for Building Energy Management Systems. Low costs, high energy savings. The three vulnerabilities found in EasyIO include: Unauthenticated remote code execution Unauthenticated database file download Authenticated directory traversal vulnerability The vulnerability affected … Continue reading SSD Advisory – EasyIO Multiple Vulnerabilities →

Independent Securiteam

January 23, 2017 admin

Security conferences – Survival guide 2017 Q1

We have some few more days until the end of the year (2016) but it’s time to open the calendar and get ready for 2017(!). We will try publish every quarter the main security conferences* We have gathered the following information for you for each conference: Dates Place Link to official conference website Ticket price … Continue reading Security conferences – Survival guide 2017 Q1 →

Independent Securiteam

January 23, 2017 admin

HITCON Taiwan 2016

On the 1-2 December 2016 we had the honor for the first time to sponsor HITCON and visit Taiwan. Our adventure started in November 30th when Noam and I landed in Taipei and we had half a day to sightseeing and set up our booth at the conference hall. In the evening we were invited … Continue reading HITCON Taiwan 2016 →

Independent Krebs

January 23, 2017 admin

Adobe, Microsoft Push Critical Security Fixes

Adobe and Microsoft on Tuesday each released security updates for software installed on hundreds of millions of devices. Adobe issued an update for Flash Player and for Acrobat/Reader. Microsoft released just four updates to plug some 15 security holes in Windows and related software.

Independent Krebs

January 23, 2017 admin

Who is Anna-Senpai, the Mirai Worm Author?

On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that assault, the individual(s) who launched that attack — using the name “Anna Senpai” — released the source code for Mirai, spawning dozens of copycat attack armies online. After months of digging, KrebsOnSecurity is now confident to have uncovered Anna Senpai’s real-life identity, and the identity of at least one co-conspirator who helped to write and modify the malware.

Independent Krebs

January 23, 2017 admin

DNI: Putin Led Cyber, Propaganda Effort to Elect Trump, Denigrate Clinton

Russian President Vladimir Putin directed a massive propaganda and cyber attack operation aimed at discrediting Hillary Clinton and getting Donald Trump elected, the top U.S. intelligence agencies said in a remarkable yet unshocking report released on Friday.