"The company said that all of its Web Security Virtual Appliances, Email Security Virtual Appliances, and Content Security Management Virtual Appliances are affected by the vulnerability. This bug is about as serious as they come for enterprises."
We’ve discovered a vulnerability in the Apache Cordova app framework that allows attackers to modify the behavior of apps just by clicking a URL. The extent of the modifications can range from causing nuisance for app users to crashing the apps completely.
There is no doubt that threat intelligence is now “a thing.” At RSA 2015 I couldn’t help but notice how many vendor booths were hawking their relevance to threat intelligence. I hear about a threat intelligence start-up almost weekly. That is not surprising given venture capital is flowing and C-suite customers are now investing in “threat intelligence.” Everyone wants a piece of the pie.
There is a vulnerability in some versions of Synology’s Cloud Station client for OS X that can enable any user to take over system files and gain complete control of the machine. ...
It is possible to break out of the Lua sandbox in Redis and execute arbitrary code. This vulnerability is not new and is heavily based on Peter Cawley’s work with Lua bytecode type confusion.
Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs (pixie dust attack). It is meant for educational purposes only. All credits for the research go to Dominique Bongard.
Yesterday, a group from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania published a deep analysis of the Diffie-Hellman algorithm as used in TLS and other protocols. This analysis included a novel downgrade attack against the TLS protocol itself called Logjam, which exploits EXPORT cryptography (just like FREAK).
Before getting a deep understanding of these threats, we first need to define what we mean by the term “Malicious Insider” or “Insider Threat.” Firstly, an Insider is an individual with privileged access to an IT system in an organization
Recently, while reviewing the security of various JSON Web Token implementations, I found many libraries with critical vulnerabilities allowing attackers to bypass the verification step. ...
We first discovered MalumPoS, a new attack tool that threat actors can reconfigure to breach any PoS system they wish to target. Currently, it is designed to collect data from PoS systems running on Oracle® MICROS®, a platform popularly used in the hospitality, food and beverage, and retail industries.