Vulnerabilities

A vulnerability is a weakness that allows an attacker to reduce a system's information assurance. A vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness; the set of such points of entry is known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Related concepts include security risks, security defects, and constructs in programming languages that are difficult to use properly.

Last night in a meeting we were informed that WPA2 is no longer secure, as a new method for cracking WPA/WPA2 passwords on 802.11 networks has recently been discovered.

Any EE aware of this? How can we protect our WiFi routers against this new threat?

A hacker penetrated my cPanel and modified files and code on my site.
 
I have a log report from hosting service provider. It goes like this:
 
.....frontend/paper_lantern/filemanager/upload-ajax.html?file=megla.txt&fileop=&dir=%2Fhome%2Fmyaccount%2Fmydomain.com&dirop=&charset=&file_charset=&baseurl=&basedir=" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.59 Safari/537.36" "s" "-" 2083
 
(I replaced only the account name and site name with generic ones)
 
My cPanel password is very strong (100%); it's long and besides letters and numbers it contains many special characters. I've changed it a few times. It is not possible that one can hack it easily.
 
It already happened 3 times and each time the system suspends my account automatically for a number of hours, before it's restored by the support staff.
 
I suspect that the attack is done by a former developer who I know was a hacker and we didn't part on exactly friendly terms. He knows the structure of my site and I have a static IP which he also knows.
 
If possible, I would like to know some details about how to protect my site from further similar hacking, penetrations, injections, etc.
 
Thanks.

https://www.straitstimes.com/singapore/method-of-attack-showed-high-level-of-sophistication

Refer to the SingHealth data breach incident above.

Q1:
What mitigations could have been put in place to prevent / mitigate it in the 1st place?

Q2:
Will Database Activity Monitoring (e.g. Imperva with its granular ACL) or Privileged Access Management help, besides dedicating/isolating PCs for general-purpose/server access?

Assume they're running MS SQL on Windows servers.

Q1:
I recall CyberArk once presented a product that could alert when sysadmins run or access a privileged tool or activity (or one that we can programme to be alerted on): what's the name of this product?

Q2:
Does this product make use of PSM video recording of the sysadmin's session access & perform OCR on the video (to get the text)?

Q3:
Can the latest version of CyberArk DNA scan for privileged accounts on Cisco network devices?

Can you tell us if it is possible to disable/prevent users from creating auto-forward rules in Outlook?
This is a common data exfiltration technique used by attackers, and we would like to know if it is possible to prevent this type of rule from being created or enabled.

This is related to the auto-forwarding rule in Office 365.

We have been hit with ransomware. Please see the attached screenshot.

The file extensions have been changed to STG.

They hacked into the network, created admin users and made them part of the Admin group, created shares, etc.

I need to disable the POODLE vulnerability. I have CentOS 7.5 and
OpenSSL 1.0.2k-fips  26 Jan 2017

and I have run yum update openssl and nothing qualifies. I added the line
SSLProtocol All -SSLv2 -SSLv3

in
/etc/httpd/conf.d/ssl.conf

I then restarted httpd.

Yet when I run my cert against the https://www.ssllabs.com free SSL checker, I still show a POODLE vulnerability.

Please tell me how to get rid of this vulnerability.

Thanks,

Can anyone please help? I have wasted almost a day on this... The codebase I am working on has been analyzed by Checkmarx (i.e. a tool which scans code for security issues), and it came back with a report containing a "Stored XSS" issue. The issue states:

Method retrieveDataTagsNames at line 47 of Correspondence Template/sf/claims/api/correspondence/template/data/DataTagsNamesDao.java gets data from the database, for the query element. This element's value then flows through the code without being properly filtered or encoded and is eventually displayed to the user in method retrieveDataTagsNamesDetails at line 52 of Correspondence Template/sf/claims/api/correspondence/template/service/DataTagsNamesRestController.java. This may enable a Stored Cross-Site-Scripting attack.

Code for DataTagsNamesDao.java:

import java.util.List;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import org.springframework.transaction.annotation.Transactional;

public class DataTagsNamesDao {
    private static final Logger LOGGER = LoggerFactory.getLogger(DataTagsNamesDao.class);

    @Autowired
    private NamedParameterJdbcTemplate jdbcTemplate;

    // Project-specific wrapper that holds the SQL text for this query
    @Autowired
    private Sql retrieveDataTagsNames;

    /**
     * Retrieves data tag names and values from a DB2 sequence object.
     *
     * @param templateId the template whose data tags are requested
     * @return the data tag names and values for the template
     */
    @Transactional(readOnly = true)
    public List<DataTagsNames> retrieveDataTagsNames(String templateId) {
        try {
            // templateId is bound as a named parameter, not concatenated into the SQL
            return jdbcTemplate.query(retrieveDataTagsNames.getSql(),
                    new MapSqlParameterSource().addValue("templateId", templateId)
            // ... (the snippet is cut off here in the original post)

Are 32-bit computers at a higher risk of Anti-Virus, Malware or Ransomware infections?

We have a few left and I need to know if I should trash them ASAP.

As we do not know the various subnets/VLANs in the network and all the devices on it, is there a feature in the Nessus scanner that will 'auto discover or crawl' to get all subnets & IP addresses? What's this feature called in Nessus?

It will help give an inventory (hardware type and OS versions, i.e. fingerprinting).

Hi,

I need assistance on how I can disable/close network discovery on the LAN for servers and all clients, please.


Regards
Asif

SQL and PHP vulnerabilities

Hi,

My company has some VMs running an IIS web server on Windows OS. Based on BitSight - Web Server Vulnerabilities.

My tasks are assigned as follows.

1. Services require to be reverted back
2. Where to disable the SSLv2 and SSLv3 protocols; the Diffie-Hellman encryption length is also required to be 2048-bit
3. How to update those outdated IIS servers

Please advise me accordingly as I've never done this before, as required by our Cyber team.

If there is any best practice to perform hardening, please advise and share for my knowledge.

Thanks.

Lucky

I'm trying to connect a WatchGuard T30 to an AP320 through a Cisco Catalyst 2960.

I'm able to set up trunking on the Cisco so that I can see the AP320 through the controller; however, when I connect to the WLAN I get no DHCP address, and I can't get online even when I hard-code the IP. Based on some logging information I've seen on the WatchGuard, it almost looks as though the Cisco switch is sending packets to the wrong gateway address.

It looks like when a device was requesting an IP on the VLAN 192.168.5.1/24 subnet, that request was sent to the LAN 192.168.1.1 gateway.

I'm extremely new to Cisco so it's entirely possible I'm missing something obvious, but when the VLANs are set up on the router and then trunking is configured for those VLANs on the Cisco, is there a place where you need to specify what gateway to use for each trunk?

I currently have a WatchGuard Firebox in place and have recently purchased a Cisco Catalyst 2960 to serve as our primary switch. Our WatchGuard currently manages our WAPs (also WatchGuard), which have a private and a public Wi-Fi network segmented through the use of VLANs.

I'm extremely new to Cisco and I'm trying to determine how I would go about configuring the ports on the switch to pass along all VLAN traffic, which should allow the WAPs to continue functioning.

How can I solve the "Allowed Null Session Active" Windows vulnerability on Server 2012 R2?
CVE ID: CVE-2002-1117, CVE-2000-1200

I have a query on missing security updates on Windows servers. I have done some MBSA (Baseline Security Analyzer) scans of some database servers, and in a few cases it flags rather old updates, e.g. MS016-057 (critical), as "missing and are not approved by your system administrator". Rather than flag this immediately as a risk to the technical support team: do more recent MS security updates ever supersede or have a cumulative effect whereby these older missing updates are no longer relevant or required? Or is it the case that if MBSA says they are missing, they need to be installed, regardless of all the newer updates released more recently, which in most cases have been applied?
https://www.bleepingcomputer.com/news/security/backswap-banking-trojan-uses-never-before-seen-techniques/

Referring to the above BackSwap Banking Trojan, does McAfee AV & IPS detect/block it?
I think I saw a link (but misplaced it) that McAfee AV can't detect it yet.

Are there alternative ways of detecting/blocking it if AV can't?

What is the hash or IOC for this malware?

I am trying to confirm whether Sentinel One EndPoint Protection is a viable replacement for our existing Webroot EndPoint Protection and MalwareBytes EndPoint Protection. We have been using the Webroot/Malwarebytes endpoint clients on our workstations and servers for about four or five years now. We have not encountered any compromises/issues using these products. I also need to mention that we use Cisco's Umbrella Roaming Client as well.

We also have a SonicWall TZ500W with the Comprehensive  Gateway protection.  We never enabled the DPI module because it caused many connection issues accessing creditable Court websites, etc.  

So now SonicWall is promoting/offering their Capture Client solution, which I am interested in. I wanted to purchase the Sentinel One client software a couple of years back, but they said I could not make a purchase since the minimum count they could sell is 100. We only need 25 licenses. So now that SonicWall offers Capture Client, I want to know if it's feasible to say it would actually replace both the Webroot and MalwareBytes EndPoint products and not just work alongside and complement them. So, I contacted Sentinel One Sales and they indicate their product serves as a direct replacement. They also mentioned their clients actually use Capture Client exclusively.

I have concerns about a complete replacement solution. I just want to ensure that if we decide to deploy Sentinel One Capture Client as the sole Anti-Virus and Anti-Malware solution it …

I was given a list of potentially malicious sites by some intel, but when I ping them, they don't resolve to any IP.

How do I know if they were there before or had been taken down??

Will post them in the post below.

Anyone know if the Spectre vulnerability can really be fixed with a software patch, being that it is a hardware problem?

Hi,

I'm doing a pen test remediation and they have flagged up default IIS files present on our Exchange and other servers (see wording below). I've scoured the web but can't find any conclusive guides for a safe way to do this. If I go into IIS on these servers, click on the root and then Default Document, I can see a list of files. If I remove these, will this solve the vulnerability and, more importantly, will it not break anything?

Any advice would be greatly appreciated. :)

Description
Default files have been found on the server. These may often contain dangerous script examples, administrative interfaces, or configuration information. The presence of default Web Server files also indicates that the Web Server hardening procedure needs improvement, and this could indicate to an attacker that further vulnerabilities may exist due to a weakness in server management practices.
CVSS v2 Vector (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Solution
Remove the default files from the server and review server hardening procedures to ensure default files are removed during the server build.

Information
Default IIS7 files found on 4 externally facing IP addresses

We are looking to set up a point-to-point VPN with SonicWall on our end and WatchGuard on the client's end. We'll be using that to set up CrashPlan backup on virtual machines. Two questions.
1. Is it pretty straightforward to set up the point-to-point between SonicWall and WatchGuard?
2. Once that is established, would we need a backup device for each VM (say we have 3), or would backing them up to one device with designated partitions work OK?

We would like to run a scan of our external network (covering a subnet range) to determine:

1. What ports are open (scanning all 65,535 UDP and TCP ports)

2. Check to see if there are any obvious vulnerabilities for any of the discovered endpoints, such as the firewall itself

Ideally a Windows-based utility with a GUI is preferred, and free/free trial.


Thanks

We have a WatchGuard XTM 2 firewall device.

We have set it up successfully with a static IP address through our modem. The modem works when plugged directly into the computer with IPv4 manually set.

We have the WAN in X0 and the LAN is X2.

When we set up the device with the Trusted Interface of 192.168.0.1/24 and a DHCP range of 192.168.0.2-192.168.0.199, it works but does not get Internet. The DNS server is set and the computer has no problem getting a DHCP address.

The only thing that looks wrong is this picture, where the gateway is showing up as 0.0.0.0, but I don't see a place to change it nor do I see any settings wrong. Help!
20180503_110739.jpg