SecLists.Org Security Mailing List Archive
Any hacker will tell you that the latest news and exploits are not
found on any web site—not even Insecure.Org. No, the cutting edge
in security research is and will continue to be the full
disclosure mailing lists such as Bugtraq. Here we provide web
archives and RSS feeds (now including message extracts), updated in real-time, for many of our favorite lists. Browse the individual lists below, or search them all:
Nmap Development — Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to Nmap and related projects. Subscribe here.
Re: nmap 'ssl-enum-ciphers' does not display all ciphers
nnposter (Jan 10)
<snip>
issue remains; why doesn't nmap report on all of the ciphers that nginx
is making available?
I am guessing that the issue is not that Nmap fails to report them. More
likely your server is not really supporting them.
Let me comment on your individual cipher suites:
DHE-RSA-AES256-SHA256
Ephemeral (classic) DH key exchange requires key space definition. Have
you configured "ssl_dhparam" in Nginx?...
Re: nmap 'ssl-enum-ciphers' does not display all ciphers
nnposter (Jan 09)
This version of Nmap is almost four years old. Could you please confirm
that your issue is also experienced with the current version?
Also, it is not altogether surprising that there are no cipher suites
found with TLS 1.0 and 1.1 because all your cipher suites use SHA-2,
which is technically only available in TLS 1.2.
Cheers,
nnposter
nmap 'ssl-enum-ciphers' does not display all ciphers
Lemons, Terry (Jan 09)
Hi
I've been using nmap's 'ssl-enum-ciphers' script to probe a nginx system using the following cipher settings:
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers...
Patch for sub-directory issue in http-fetch
Aniket Pandey (Jan 08)
Hi,
One of the scripts, http-fetch had an issue with saving the files as it
did not specify a separate sub-directory for individual targets. Daniel
Miller created an issue [1] about it.
Link: https://github.com/nmap/nmap/pull/1100
I patched it and submitted a PR. Also, verified the fix on my local
machine, it seemed to work fine. Although, if it still has some issues,
please let me know. I'll try to fix that as well.
Regards,...
Firefox vuln-headers-extension created by Rewanth Cool
Rewanth Cool (Jan 08)
Submitted vulnerabilities to websites like #Signup , #Chargify, #Hotstar,
#Medium, etc using this tool.
Listed in #Chargify #HOF, others resolving #issues.
I created this firefox extension which parses the headers of all the
requests which are flowing through your firefox browser to check for
vulnerabilities.
#Bughunting #Web #App #2018
Github repository - https://github.com/rewanth1997/vuln-headers-extension
Medium Article -...
Re: Telnet fingerprint NSE script
sigoa (Jan 07)
as if not 85%+ of github is goofed up.
Recreate TCP sequence based on fingerprint variables
db (Jan 06)
Given the GCD, SP and ISR values from the fingerprint database is it
possible to generate a set of ISNs that satisfies the conditions?
My thought was to work backwards by first finding a value for
rtmp/seq_stddev that satisfies the SP condition. Then find a seq_avg_rate
value to satisfy the ISR condition. I'm not sure then how to create a set
of sequences based on those two values that satisfy the GCD. I doubt my
approach is correct to...
Scan range IP not working in FreeBSD
Willsz.net Support (Jan 04)
Hi,
I got some problem with nmap with range IP Address.
root:~# uname -msr
FreeBSD 10.4-STABLE i386
root:~# nmap -V
Nmap version 7.40 ( https://nmap.org )
Platform: i386-portbld-freebsd10.3
Compiled with: liblua-5.3.3 openssl-1.0.1s-freebsd libpcre-8.40
libpcap-1.4.0 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: kqueue poll select
root:~# nmap -sn 192.168.100.23,70-71,100-102
Starting Nmap 7.40 ( https://nmap.org ) at...
PR #1085 Add NSE script to execute system commands on MS SQL Server with sp_execute_external_script
James Otten (Dec 28)
I opened a pull request for a new NSE script that executes system commands
on Microsoft SQL Server through Microsoft Machine Learning Services. I look
forward to hearing any feedback that the group may have on this.
https://github.com/nmap/nmap/pull/1085
Thanks,
James
Npcap - pcap_if UP flag
Shlomi Kadar-Levi (Dec 26)
Hi guys,
I am using the Npcap library.
I recently recognized that the code is missing the further implementation of recognizing when the interface is up or
not.
Currently there is only loopback flag supported:
#define PCAP_IF_LOOPBACK 0x00000001 ///< interface is loopback
I was wondering if the "up" support will be implemented soon?
(#define PCAP_IF_UP 0x00000002 ///< interface is up)
Thanks,
Shlomi.
Compile NPcap for Windows 10 IoT.
Giacomo Succi (Dec 17)
Hi everyone,
I've a very "simple" question.
Is it possible, in your opinion, to compile the NPcap lib (and later NMap
maybe) for Windows 10 IoT on an ARM platform (Raspberry Pi 3 to be precise)?
Thanks a lot in advance.
Best regards
Giacomo
Re: dev Digest, Vol 153, Issue 6
Yash Chaudhary (Dec 13)
Re : Please tell which IDE do you use for LUA?
Fw: Re: [Homebrew/homebrew-core] Nmap - Closed port inconsistency (#20951)
Rob Dartnell via dev (Dec 13)
Hi,
Please see the bug below, and let me know if you need me to raise it formally on your forum. I thought it should go to
homebrew/brew team, however they've directed me here instead: Nmap - Closed port inconsistency · Issue #20951 ·
Homebrew/homebrew-core
Nmap - Closed port inconsistency · Issue #20951 · Homebrew/homebrew-core
Brew Nmap version 7.60 (latest version) Using the '--reason'...
PR + request for high priority work
Vincent Dumont (Dec 11)
Hey guys,
I've sent a PR (#1076) a few days ago aiming to fix Issue #839:
https://github.com/nmap/nmap/pull/1076.
Please tell me if anything's wrong with the modifications. If it can be
merged to the SVN repo, I would be glad to do it since I still have my
credentials to do so.
Also, I am now looking at the issues list to see what I could work on next.
Any ideas? Any high priority tasks I can work on?
Cheers,
Vincent Dumont
Telnet fingerprint NSE script
Daniel Roberson (Dec 09)
Hello.
I've written an NSE script to fingerprint Telnet services. Please see the
following PR:
https://github.com/nmap/nmap/pull/1083
This is my first NSE script and first time working with Lua, so I may have
goofed something up. As far as I can tell this meets the style guidelines.
If anything needs to be changed, let me know.
Kind regards.
Daniel
Nmap Announce — Moderated list for the most important new releases and announcements regarding the Nmap Security Scanner and related projects. We recommend that all Nmap users subscribe.
Nmap GSoC 2017 Success Reports
Fyodor (Oct 10)
Hello Nmap Community,
Nmap celebrated its 20th birthday last month and we also just completed our
13th Google Summer of Code. We focused on a fairly small team of four
students this year (http://seclists.org/nmap-announce/2017/2), and I'm
happy to report that every one passed! And they all have code integrated
into Nmap 7.60 already, with even more to follow for the next release.
Also this year, for the first time, every student wrote a...
Nmap 7.60 released! SSH support, SMB2/SMB3 improvements, 14 more scripts, new Npcap, GSoC work, and more
Fyodor (Aug 01)
Hello everyone. I'm back from Defcon and excited to announce the new Nmap
7.60 release! It has only been a month and a half since 7.50, but we still
packed a lot into this one. Mostly because we have such an awesome GSoC
team of 8 students and mentors working on so many cool projects. The
program hasn't even ended yet, but much of their work has already been
integrated into this release.
One of the things I'm most excited...
Nmap 7.50 Released! 14 new NSE scripts, 300+ fingerprints, new Npcap, and more
Fyodor (Jun 13)
Dear Nmap Community:
The Nmap project is delighted to announce the release of Nmap 7.50! It is
our first big release since last December and has hundreds of improvements
that we hope you will enjoy.
One of the things we have been working the hardest on recently is our Npcap
packet capturing driver and library for Windows (https://nmap.org/npcap/).
It is a replacement for WinPcap, which served us well for many years, but
is no longer maintained....
Introducing the 2017 Nmap/Google Summer of Code Team!
Fyodor (May 18)
Nmap community:
Thanks for all of your applications and referrals of talented students to
the Summer of Code program. Google has agreed to sponsor four students to
spend this summer enhancing the Nmap Security Scanner and I'm proud to
introduce our 2017 team! We normally mentor coders working all over the
Nmap/Zenmap/Ncat/Nping spectrum, but this year we're doubling down on the
Nmap Scripting Engine component. All four of our...
Nmap Project Seeking Talented Programmers for GSoC 2017
Fyodor (Mar 27)
Hi folks. I'm delighted to report that Nmap has been accepted by Google to
participate in this year's Summer of Code internship program. This
innovative and extraordinarily generous program provides $5,500 stipends to
college and graduate students anywhere in the world who spend the summer
improving Nmap from home! They gain valuable experience, get paid,
strengthen their résumés, and write code for millions of users. We're one...
Nmap GSoC 2016 Success Report
Fyodor (Feb 07)
Happy belated new year from the Nmap Project! I'd like to take this
opportunity to send you the belated results from our 2016 Summer of Code
team. I was going to send them right after the program finished, but some
of the students were still finishing some great things so I decided to
wait. As you may recall from the team intro mail (
http://seclists.org/nmap-announce/2016/2), we had 5 students last year and
I'm happy to report that...
Nmap 7.40 Holiday Release: a dozen new NSE scripts, hundreds of new fingerprints, new Npcap, faster brute forcing, and more...
Fyodor (Dec 20)
Happy holidays from the Nmap Project! In case your Christmas break plans
involve a lot of port scanning, we're delighted to announce our holiday
Nmap 7.40 release! This version stuffs your stockings with dozens of new
features, including:
- 12 new NSE scripts
- Hundreds of updated OS and version detection signatures
- Faster brute force authentication cracking and other NSE library
improvements
- A much-improved...
Nmap 7.31 stability-focused point release
Fyodor (Oct 21)
Hi folks. I'm happy to report that the big Nmap 7.30 release last month
was a great success. We didn't even see as many bugs as expected for such
a large release, but we have collected and fixed the ones which did arise
in the last few weeks into a new 7.31 point release. It includes the
latest updates to our new Npcap driver, a fix for Nping on Windows, and
more.
Nmap 7.31 source code and binary packages for Linux, Windows, and Mac...
Nmap 7.30 Released with new NSE scripts, new Npcap, new Fingerprints, etc.
Fyodor (Sep 29)
Hi folks! You may have noticed that we've only been releasing Nmap betas
for the last 6 months because we've had so much new code and so many
features to integrate thanks to hard work from both our regular team and
the 5 Google Summer of Code summer interns. But we spent the last month
focused on stability and I'm pleased to announce Nmap 7.30--our first
stable release since 7.12 back in March.
Even though it's a stable...
Nmap 7.25BETA2 Birthday Release
Fyodor (Sep 01)
Hi folks! I'm happy to report that today is Nmap's 19th birthday and
instead of cake, we're celebrating open source style with a new release!
Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and
new features. The full list is below, and includes a major LUA upgrade for
NSE scripts, a new overlapped I/O engine for better Windows performance, a
much-improved version of our new Npcap packet capturing driver,...
Nmap 7.25BETA1 Released with our new Npcap driver, 6 new NSE scripts, and more!
Fyodor (Jul 19)
Hi folks! As you may know, we've been working for the last 3 years on an
improved Windows packet capturing library named Npcap. It's based on the
original WinPcap (which hasn't been maintained in years), but we rewrote
the driver to use modern APIs (NDIS 6) for better performance. It also
improves security and enables new features. For example, Npcap allows Nmap
to do raw scans (including SYN scans and OS detection) of localhost...
Introducing the 2016 Nmap/Google Summer of Code Team!
Fyodor (May 09)
Hello everyone. Google has agreed to sponsor five amazing students to
spend this summer enhancing the Nmap Security Scanner and I'm proud to
introduce our 2015 team:
*Abhishek Singh* will be working as a Feature Creeper and Bug Hunter,
making improvements throughout the Nmap codebase. The project hasn't even
started yet and he's already found and fixed several NSE script bugs and
has other code changes in the works. Abhishek is...
Nmap 7.10 released: 12 new scripts, hundreds of OS/version fingerprints, bug fixes, and more!
Fyodor (Mar 17)
Hi Folks! Before I tell you about today's new Nmap release, I wanted to
share some Summer of Code news:
Google posted a fantastic story by one of our Summer of Code alumni about
how the program helped take him from rural China to a full-ride scholarship
at the University of Virginia graduate school! His mentor David and I had
the chance to meet him in San Francisco:...
Nmap Project Seeking Talented Programmers for Google Summer of Code 2016
Fyodor (Feb 29)
Hi folks. I'm delighted to report that Nmap has been accepted by Google to
participate in this year's Summer of Code internship program. This
innovative and extraordinarily generous program provides $5,500 stipends to
college and graduate students anywhere in the world who spend the summer
improving Nmap from home! They gain valuable experience, get paid,
strengthen their résumés, and write code for millions of users. We're one...
Full Disclosure — A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
WordPress LearnDash LMS: Unauthenticated arbitrary file upload
NinTechNet (Jan 09)
Software: LearnDash LMS (WordPress plugin)
Version: Up to 2.5.3
Vulnerability: Unauthenticated arbitrary file upload
Author URL: https://www.learndash.com/changelog/
Advisory: http://nin.link/learndash/
1. Overview:
This vulnerability has been exploited at least since Dec. 27th, 2017.
Here's a log sample showing the attack:
87.244.138.44 - - [27/Dec/2017:20:29:33 +0100] "POST / HTTP/1.0" 200
47095
87.244.138.44 - -...
Sangoma SBC Remote Command Execution - CVE-2017-17430
Security Team Appsecco (Jan 09)
## Description
Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows remote unauthenticated attackers to execute
arbitrary commands via the web interface.
## Technical Details
The `ShellExec` class implemented in `api/ShellExec.class.php` is extensively used by various PHP scripts in the
management web application to invoke external command line programs. The `Execute` method in this class invokes
external programs,...
CVE-2017-18016 - Paritytech Parity Ethereum built-in Dapp Browser <= v1.6.10 webproxy token reuse same-origin policy bypass
oststrom (public) (Jan 09)
VuNote
======
Author: <github.com/tintinweb>
Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016
[5]
Version: 0.3
Date: Jun 16th, 2017
Tag: parity same origin policy bypass webproxy token reuse
Overview
--------
Name: parity
Vendor: paritytech
References: * https://parity.io/ [1]
Version: 1.6.8
Latest Version: 1.7.12 (stable) - fixed
1.8.5 (beta)...
APPLE-SA-2018-1-8-3 Safari 11.0.2
Apple Product Security (Jan 09)
APPLE-SA-2018-1-8-3 Safari 11.0.2
Safari 11.0.2 is now available and addresses the following:
Available for: OS X El Capitan 10.11.6 and macOS Sierra 10.12.6
Description: Safari 11.0.2 includes security improvements to mitigate
the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and
Paul Kocher in collaboration with Daniel Genkin of University of
Pennsylvania and...
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update
Apple Product Security (Jan 09)
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update
macOS High Sierra 10.13.2 Supplemental Update is now available
and addresses the following:
Available for: macOS High Sierra 10.13.2
Description: macOS High Sierra 10.13.2 Supplemental Update includes
security improvements to Safari and WebKit to mitigate the effects of
Spectre (CVE-2017-5753 and CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and...
APPLE-SA-2018-1-8-1 iOS 11.2.2
Apple Product Security (Jan 09)
APPLE-SA-2018-1-8-1 iOS 11.2.2
iOS 11.2.2 is now available and addresses the following:
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Description: iOS 11.2.2 includes security improvements to Safari and
WebKit to mitigate the effects of Spectre (CVE-2017-5753 and
CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and
Paul Kocher in collaboration with Daniel Genkin of...
WordPress Download Manager [CSRF]
Panagiotis Vagenas (Jan 09)
* Exploit Title: WordPress Download Manager [CSRF]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: https://www.wpdownloadmanager.com/
* Software Link: https://wordpress.org/plugins/download-manager
* Version: 2.9.60
* Tested on: WordPress 4.9.1
* Category: WebApps, WordPress
Description
-----------
Plugin implements the AJAX action `wpdm-install-addon` which...
Admin Menu Tree Page View [CSRF, Privilege Escalation]
Panagiotis Vagenas (Jan 09)
* Exploit Title: Admin Menu Tree Page View [CSRF, Privilege Escalation]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: http://eskapism.se/
* Software Link: https://wordpress.org/plugins/admin-menu-tree-page-view
* Version: 2.6.9
* Tested on: WordPress 4.9.1
* Category: WebApps, WordPress
Description
-----------
Plugin implements AJAX action...
CMS Tree Page View [CSRF, Privilege Escalation]
Panagiotis Vagenas (Jan 09)
* Exploit Title: CMS Tree Page View [CSRF, Privilege Escalation]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: http://eskapism.se/
* Software Link: https://wordpress.org/plugins/cms-tree-page-view
* Version: 1.4
* Tested on: WordPress 4.8.1
* Category: WebApps, WordPress
Description
-----------
Plugin implements AJAX action `cms_tpv_add_page` which calls back...
Social Media Widget by Acurax [CSRF]
Panagiotis Vagenas (Jan 09)
* Exploit Title: Social Media Widget by Acurax [CSRF]
* Discovery Date: 2017-12-12
* Exploit Author: Panagiotis Vagenas
* Author Link: https://twitter.com/panVagenas
* Vendor Homepage: http://www.acurax.com/
* Software Link: https://wordpress.org/plugins/acurax-social-media-widget
* Version: 3.2.5
* Tested on: WordPress 4.9.1
* Category: WebApps, WordPress
Description
-----------
Plugin implements AJAX action `acx_asmw_saveorder` which calls...
Wapiti 3.0.0 released! Web vulnerability scanner
Nicolas SURRIBAS (Jan 09)
Dear full-disclosure list,
I'm happy to announce that Wapiti 3.0.0 is now available for download.
This new release now relies on Python 3.
The majority of improvements were made to give you more control over
Wapiti's execution.
A session mechanism using sqlite3 allows you to stop the scan or/and
attacks and resume them later.
The new behavior, when you stop Wapiti during the attack process (with
Ctrl+C), is to let you choose...
FiberHome MIFI LM53Q1 Multiple Vulnerabilities
Ibad Shah (Jan 09)
SUMMARY
FiberHome Suffers from improper permission handling resulting in modification
of password, exposing sensitive details by unauthorized access.
DETAILS
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38
uses SOAP based web services in order to interact with the portal.
Unauthorized Access to Web Services can result in disclosure of sensitive
information for example users connected to the device,
Username &...
beVX Security Conference - Call For Papers / Workshops
Maor Shwartz (Jan 09)
We are proud to announce the first all offensive security conference - beVX!
20-21 September 2018 // Hong-Kong
beVX focuses on highly technical offensive security topics.
*Website*: bevxcon.com
*Call For Papers*
*Overview*
We are pleased to announce the CFP for the first edition of beVX. We are
looking for deep-knowledge technical talks - come and take part of the
journey
*Important Dates*
Call for Papers Opens: January 15 2018
Call for...
SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access
Maor Shwartz (Jan 09)
SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to
Unauthorized Root Access
Full report: https://blogs.securiteam.com/index.php/archives/3612
Twitter: @SecuriTeam_SSD
Weibo: SecuriTeam_SSD
Vulnerability Summary
The following advisory describes an unauthenticated persistent XSS that
leads to unauthorized root access found in Sophos XG version 17.
Sophos XG Firewall “provides unprecedented visibility into your network,
users,...
Call For Paper - Nuit du Hack - June 30th - July 1st, 2018
Freeman (Jan 09)
The whole Hackerzvoice team wishes you a happy new year !
Hello everyone !
The 16th edition of The Nuit Du Hack will be held
We had great moments together in Disneyland Paris, but it’s time for us
to open a new chapter in our adventure !
For the first time, La Nuit Du Hack will take place in La Cité des
Sciences et de l’Industrie in Paris Center !
HZV team is proud to welcome you to a unique venue, especially the
Centre de Congrés of...
Bugtraq — The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
WebKitGTK+ Security Advisory WSA-2018-0001
Carlos Alberto Lopez Perez (Jan 10)
------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0001
------------------------------------------------------------------------
Date reported : January 10, 2018
Advisory ID : WSA-2018-0001
Advisory URL : https://webkitgtk.org/security/WSA-2018-0001.html
CVE identifiers : CVE-2017-5753, CVE-2017-5715.
Several vulnerabilities were...
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin SQL injection Security Vulnerability
DefenseCode (Jan 10)
DefenseCode ThunderScan SAST Advisory: WordPress Smooth Slider Plugin
SQL injection Security Vulnerability
Advisory ID: DC-2018-01-004
Advisory Title: WordPress Smooth Slider Plugin SQL injection
Security Vulnerability
Advisory URL: http://www.defensecode.com/advisories.php
Software: WordPress Smooth Slider plugin
Language: PHP
Version: 2.8.6 and below
Vendor Status: ...
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider Plugin SQL injection Security Vulnerability
DefenseCode (Jan 10)
DefenseCode ThunderScan SAST Advisory: WordPress Testimonial Slider
Plugin SQL injection Security Vulnerability
Advisory ID: DC-2018-01-005
Advisory Title: WordPress Testimonial Slider Plugin SQL injection
Security Vulnerability
Advisory URL: http://www.defensecode.com/advisories.php
Software: WordPress Testimonial Slider plugin
Language: PHP
Version: 1.2.4 and below
Vendor...
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite Multiple SQL injection Security Vulnerabilities
DefenseCode (Jan 10)
DefenseCode ThunderScan SAST Advisory: WordPress Dbox 3D Slider Lite
Multiple SQL injection Security Vulnerabilities
Advisory ID: DC-2017-01-003
Advisory Title: WordPress Dbox 3D Slider Lite Plugin Multiple
SQL injection Security Vulnerabilities
Advisory URL: http://www.defensecode.com/advisories.php
Software: WordPress Dbox 3D Slider Lite plugin
Language: PHP
Version: 1.2.2 and...
Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)
chunibalon (Jan 10)
Introduction:
================
The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link.
These issues allow remote authenticated administrators to execute arbitrary commands via command injection through
different variables of different lua files.
If the attacker obtains the account and password of the router, then he can execute the arbitrary command through this
command injection vulnerability.
These vulnerabilities can be...
[security bulletin] HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.
security-alert (Jan 09)
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03805en_us
Version: 4
HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel,
AMD, and ARM, with Speculative Execution, Elevation of Privilege and
Information Disclosure.
NOTICE: The information in this...
[SECURITY] [DSA 4082-1] linux security update
Salvatore Bonaccorso (Jan 09)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4082-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
January 09, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : linux
CVE ID : CVE-2017-5754 CVE-2017-8824...
CVE-2017-17485: one more way of rce in jackson-databind when defaultTyping+objects are used
Imre Rad (Jan 09)
Jackson-databind is a popular library in Java for JSON
marshalling/unmarshalling.
It has a feature called default-typing: when the target class has some
polymorph fields inside (such as interfaces, abstract classes or the
Object base class), the library can include type info into the JSON
structure and use that info at unmarshalling. This can be dangerous
when the input is controlled by an attacker and the target class
contains a field of type...
[SECURITY] [DSA 4080-1] php7.0 security update
Moritz Muehlenhoff (Jan 09)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4080-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
January 08, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : php7.0
CVE ID : CVE-2017-11144 CVE-2017-11145...
[slackware-security] irssi (SSA:2018-008-01)
Slackware Security Team (Jan 09)
[slackware-security] irssi (SSA:2018-008-01)
New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/irssi-1.0.6-i586-1_slack14.2.txz: Upgraded.
This update fixes multiple security vulnerabilities.
For more information, see:
https://irssi.org/security/irssi_sa_2018_01.txt...
[SECURITY] [DSA 4081-1] php5 security update
Moritz Muehlenhoff (Jan 09)
-------------------------------------------------------------------------
Debian Security Advisory DSA-4081-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
January 08, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : php5
CVE ID : CVE-2017-11142 CVE-2017-11143...
Response to Meltdown and Spectre
Gordon Tetlow (Jan 09)
By now, we're sure most everyone has heard of the Meltdown and Spectre
attacks. If not, head over to https://meltdownattack.com/ and get an
overview. Additional technical details are available from Google
Project Zero.
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
The FreeBSD Security Team was notified of the issue in late December
and received a briefing under NDA with the original embargo date of...
APPLE-SA-2018-1-8-3 Safari 11.0.2
Apple Product Security (Jan 08)
APPLE-SA-2018-1-8-3 Safari 11.0.2
Safari 11.0.2 is now available and addresses the following:
Available for: OS X El Capitan 10.11.6 and macOS Sierra 10.12.6
Description: Safari 11.0.2 includes security improvements to mitigate
the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and
Paul Kocher in collaboration with Daniel Genkin of University of
Pennsylvania and...
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update
Apple Product Security (Jan 08)
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update
macOS High Sierra 10.13.2 Supplemental Update is now available
and addresses the following:
Available for: macOS High Sierra 10.13.2
Description: macOS High Sierra 10.13.2 Supplemental Update includes
security improvements to Safari and WebKit to mitigate the effects of
Spectre (CVE-2017-5753 and CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and...
APPLE-SA-2018-1-8-1 iOS 11.2.2
Apple Product Security (Jan 08)
APPLE-SA-2018-1-8-1 iOS 11.2.2
iOS 11.2.2 is now available and addresses the following:
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Description: iOS 11.2.2 includes security improvements to Safari and
WebKit to mitigate the effects of Spectre (CVE-2017-5753 and
CVE-2017-5715).
We would like to acknowledge Jann Horn of Google Project Zero; and
Paul Kocher in collaboration with Daniel Genkin of...
Penetration Testing — While this list is intended for "professionals", participants frequently disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.
Faraday v2.7: Collaborative Penetration Test & Vulnerability Management Platform
Francisco Amato (Nov 13)
Faraday is the Integrated Multiuser Risk Environment you have always
been looking for! It maps and leverages all the data you generate in
real time, letting you track and understand your audits. Our dashboard
for CISOs and managers uncovers the risks and impacts and risks being
assessed by the audit in real-time without a single email. Developed
with a specialized set of functionalities that helps users improve
their own work, the main purpose is...
Firewall Wizards — Tips and tricks for firewall administrators
Revival?
Paul Robertson (Sep 11)
Since the last few attempts to revive the list have failed, I'm going to attempt a Facebook group revival experiment.
It'll be a bit broader in scope, but I'm hoping we can discuss technical security matters. The new group is
Security-Wizards on Facebook.
Paul
Web App Security — Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.
Faraday v2.7: Collaborative Penetration Test & Vulnerability Management Platform
Francisco Amato (Nov 14)
Faraday is the Integrated Multiuser Risk Environment you have always
been looking for! It maps and leverages all the data you generate in
real time, letting you track and understand your audits. Our dashboard
for CISOs and managers uncovers the risks and impacts and risks being
assessed by the audit in real-time without a single email. Developed
with a specialized set of functionalities that helps users improve
their own work, the main purpose is...
Faraday v2.6: Collaborative Penetration Test and Vulnerability Management Platform
Francisco Amato (Jul 24)
Faraday is the Integrated Multiuser Risk Environment you were looking
for! It maps and leverages all the knowledge you generate in real
time, letting you track and understand your audits. Our dashboard for
CISOs and managers uncovers the impact and risk being assessed by the
audit in real-time without the need for a single email. Developed with
a specialized set of functionalities that helps users improve their
own work, the main purpose is to...
Daily Dave — This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.
Towards Heat Death
David Aitel (Jan 03)
So much of internet security is pointing out to overly optimistic people
that they are trying to fight from their back, against a hungry T-Rex
who doesn't care about your brazilian jiu jitsu black belt, and has no
arms to armbar anyways.
Like, one of my favorite papers Immunity ever did was the Cloudburst [1]
paper, wherein various members of the DoD wanted to put SECRET and
UNCLASSIFIED networks on the same computer, separated by a...
YSTS 12th Edition - CFP
Luiz Eduardo (Dec 18)
Where: Sao Paulo, Brazil
When: May 21st, 2018
Call for Papers Opens: December 15th, 2017
Call for Papers Close: February 28th, 2018
http://www.ysts.org
@ystscon
ABOUT THE CONFERENCE
you Sh0t the Sheriff is a very unique, one-day, event dedicated to
bringing cutting edge talks to the top-notch professionals of the
Information Security Community.
The conference’s main goal is to bring the attendees to the current
state of the information...
The Tower and the Town
Jordan Wiens (Dec 11)
There's long been a bit of friction (some real, some manufactured) between
academic security research in the Ivory Tower and much of the rest of our
community practicing in the field.
Many many people have spent long hours paving the road from the tower to
the town and vice-versa. Bratus in particular seems to have dedicated his
career to the cause (thanks, Sergey!).
Some security cons have adopted a bit of needed rigor from the academic...
Re: Cows
Jared DeMott (Dec 05)
I make this point a lot also - to folks feeling overwhelmed - keeping the
pace with info overload is new. It's a very interesting challenge. :)
Cows
Dave Aitel (Dec 04)
So for a while it was like being on a treadmill trying to keep up with
the security community's technical advances. These days, it's like being
a guy on a skateboard while several firemen shoot you with firehoses
from different directions. Even staying current on one platform seems
impossible for super-experts.
I say this, because I noted someone pointing out that the DirtyCow patch
maybe didn't work, and maybe didn't work in an...
Re: Ants in your pants
Kyle Creyts (Dec 01)
I think commodity malware have come much further than legitimate tools in
some regards, and are much further behind in others.
Notably, almost all commodity criminal implants have a specificity of
mission not commonly found in the group of attack frameworks you highlight.
The typical level of specificity is "I want to make money off this implant"
and one typical outcome of this ambiguity is having N ways to make money:
through...
Ants in your pants
Dave Aitel (Dec 01)
Recently at RPISEC and on Twitter people have asked me what the design
differences are between INNUENDO and something like Meterpreter. I think
these are quite large really, and worth trying to explain. Really it boils
down to a fundamentally different algorithmic approach to distributed
computation.
So the following chart talks about various types of algorithms and how they
might apply to our world. An Emergent algorithm is one where lots of...
Biofilms
Dave Aitel (Dec 01)
So let's say you are attacking a large network, and you have a number of
implants on that network. At some point, some of those implants get
coopted by the defenders (or by another attacker). You want to change
the behavior of your implants if enough of them are compromised or killed.
There are biological problems very similar to this: in particular,
biofilms <https://www.livescience.com/57295-biofilms.html>. A key
question of the...
The results of the 2017 Volatility Plugin Contest are in!
Andrew Case (Nov 28)
We are excited to announce that the results of the 2017 Volatility Plugin Contest are in:
https://volatility-labs.blogspot.com/2017/11/results-from-5th-annual-2017-volatility.html
We had many novel submissions this year across a wide variety of operating systems, malware detection strategies, and
userland application artifacts.
Thanks to...
Technical Details on OceanLotus' Attacks Targeting ASEAN, Asian Nations, the Media, and Human Rights Groups
Andrew Case (Nov 06)
We just published a blog post detailing the infrastructure, initial
infection strategies, and payloads of the resurgent OceanLotus threat group:
https://www.volexity.com/blog/2017/11/06/oceanlotus-blossoms-mass-digital-surveillance-and-exploitation-of-asean-nations-the-media-human-rights-and-civil-society/
A follow up post detailing the phishing activity and malware
infrastructure is coming soon.
Comments welcome!
We live in predictable times
Dave Aitel (Nov 06)
Direct Prezi Link: http://prezi.com/oca976u3y3sw/
The whole point of a CTO in any of the security companies we all live in
is that you have a phased array radar constantly pointing at the future.
For what it's worth, the screenshot below is from the T2 Keynote a
couple weeks ago, pointing pretty clearly at Twitter as a strategic
target (in several ways). The video of the talk is not out yet, but if
you annoy the T2 staff they'll...
CFP and CFT for SyScan360 in Singapore 2018
Thomas (Nov 06)
hi readers of DD
SyScan360 in Singapore 2018 will be held March 17 - 23, 2018. It will be
a single track, 2-day conference with WhiskeyCon on the last day of the
conference. Training classes (3-day, 4-day and 5-day) will be held
before the conference.
The Call for Training (CFT) and Call for Papers (CFP) is opened.
The closing date for CFT is 15th November 2017.
The closing date for CFP is 31st November 2017.
Please visit...
IoT bill in US congress
Charisse Castagnoli (Nov 03)
The IoT protection part of this bill is not interesting, but the amendments to the Computer Fraud and Abuse Act and the
DMCA are useful for researchers of IoT vulnerabilities
Feel free to write or call in support.
https://www.congress.gov/bill/115th-congress/senate-bill/1691/text
Relevant sections:
(2) COMPUTER FRAUD AND ABUSE ACT.—Section 1030 of title 18, United...
Re: Keynotes
Moses Hernandez (Oct 30)
I have always wondered at what point does the CEO stop thinking strategy and start thinking culture. Does it happen all
at once, throughout the day, or does it come in shifts? Unless you believe CEO is all about strategy and not culture.
Does the culture in the company become a strategic and immutable (no pun intended) asset? I’ve been torn on this
concept in leadership, maybe because strategy and culture are actually two sides of the same...
Keynotes
dave aitel (Oct 16)
So I'm about to do V6 of my T2 keynote - usually it takes about 10 full
runs until a keynote is good. This is why we are very very careful about
asking people to do keynotes. The typical first run of a keynote gets
feedback like "This is terrible. Just terrible. Awful". (Except Halvar's).
In any case, I've sent out versions of it to lots of different people
for feedback and I've noticed a few things. Probably the...
PaulDotCom — General discussion of security news, research, vulnerabilities, and the PaulDotCom Security Weekly podcast.
WEBCAST: The Power of the Pivot
Paul Asadoorian (Jan 04)
Using domain names and DNS information to explore and thwart malicious infrastructure
Dear Security Weekly tribe,
Join Michael Santarcangelo (The Security Catalyst), Taylor Wilkes-Pierce from DomainTools and myself for our upcoming
webcast! We will discuss using domain names and DNS information to thwart malicious infrastructure.
Registration information:
Wednesday, January 17, 2018
3:00PM - 4:00pm ET
Register now: The Power of the Pivot (...
Security Weekly On-Demand Webcasts
Security Weekly (Dec 22)
Happy Holidays from Security Weekly!
Happy Holidays Security Weekly Tribe!
A number of you have told us that sometimes you sign up for our webcasts only to have your schedule go sideways… and
you miss it. While we love the ability to have real discussions and share insights during the live webcasts, I have a
special gift for you (below).
In the coming year, we’re working on an on-demand format. Our team is working to identify crucial...
Honeypots — Discussions about tracking attackers by setting up decoy honeypots or entire honeynet networks.
Honeypot malware archives
Matteo Cantoni (Feb 14)
Hello everyone,
I would like to share with you, for educational purposes and without any
commercial purpose, data collected by my homemade honeypot.
Nothing new, nothing shocking, nothing sensational... but I think it can
be of interest to newcomers to the world of analysis of malware,
botnets, etc... maybe for a thesis.
The files collected are divided into zip archives, in alphabetical
order, with password (which must be requested via email). Some...
Microsoft Sec Notification — Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products—note how most have a prominent and often-misleading "mitigating factors" section.
Microsoft Security Update Summary for January 9, 2018
Microsoft (Jan 09)
********************************************************************
Microsoft Security Update Summary for January 9, 2018
Issued: January 9, 2018
********************************************************************
This summary lists security updates released for January 9, 2018.
Complete information for the January 2018 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Critical...
Microsoft Security Update Releases
Microsoft (Jan 05)
********************************************************************
Title: Microsoft Security Update Releases
Issued: January 5, 2018
********************************************************************
Summary
=======
The following CVEs have undergone a major revision increment:
* CVE-2018-0758
* CVE-2018-0762
* CVE-2018-0767
* CVE-2018-0768
* CVE-2018-0769
* CVE-2018-0770
* CVE-2018-0772
* CVE-2018-0773
* CVE-2018-0774
* CVE-2018-0775
*...
Microsoft Security Advisory Notification
Microsoft (Jan 05)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: January 5, 2018
********************************************************************
Security Advisories Released or Updated Today
==============================================
* Microsoft Security Advisory ADV180002
- Title: Guidance to mitigate speculative execution side-channel
vulnerabilities
- https:...
Microsoft Security Update Summary for January 3, 2018
Microsoft (Jan 03)
********************************************************************
Microsoft Security Update Summary for January 3, 2018
Issued: January 3, 2018
********************************************************************
This summary lists security updates released for January 3, 2018.
Complete information for the January 2018 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Critical...
Microsoft Security Advisory Notification
Microsoft (Dec 12)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: December 12, 2017
********************************************************************
Security Advisories Released or Updated Today
==============================================
Please note that the URL for Microsoft security documents has changed.
* Microsoft Security Advisory 4056318
- Title: Guidance for securing...
Microsoft Security Update Summary for December 2017
Microsoft (Dec 12)
********************************************************************
Microsoft Security Update Summary for December 2017
Issued: December 12, 2017
********************************************************************
This summary lists security updates released for December 2017.
Complete information for the December 2017 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Critical...
Microsoft Security Update Summary for December 7, 2017
Microsoft (Dec 07)
********************************************************************
Microsoft Security Update Summary for December 7, 2017
Issued: December 7, 2017
********************************************************************
This summary lists security updates released for December 7, 2017.
Complete information for the December 2017 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Critical...
Microsoft Security Update Summary for December 6, 2017
Microsoft (Dec 06)
********************************************************************
Microsoft Security Update Summary for December 6, 2017
Issued: December 6, 2017
********************************************************************
This summary lists security updates released for December 6, 2017.
Complete information for the December 2017 security update release can
be found at
<https://portal.msrc.microsoft.com/en-us/security-guidance>.
Critical...
Microsoft Security Advisory Notification
Microsoft (Dec 01)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: December 1, 2017
********************************************************************
Security Advisories Released or Updated Today
==============================================
Please note that the URL for Microsoft security documents has changed.
* Microsoft Security Advisory 4053440
- Title: Securely opening...
Microsoft Security Update Minor Revisions
Microsoft (Dec 01)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: November 29, 2017
********************************************************************
Summary
=======
The following CVEs have been revised in the October 2017 or the
November 2017 Security Updates.
* CVE-2017-8718
* CVE-2017-11870
* CVE-2017-11873
* CVE-2017-11882
Revision Information:
=====================...
Microsoft Security Update Releases
Microsoft (Nov 28)
********************************************************************
Title: Microsoft Security Update Releases
Issued: November 28, 2017
********************************************************************
Summary
=======
The following CVE and security advisory have been revised in the
November 2017 Security Updates.
* CVE-2017-11882
* ADV170020
Revision Information:
=====================
CVE-2017-11882
- Title: CVE-2017-11882 |...
Microsoft Security Update Minor Revisions
Microsoft (Nov 28)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: November 28, 2017
********************************************************************
Summary
=======
The following CVEs has been revised in the
November 2017 Security Updates.
* CVE-2017-11770
Revision Information:
=====================
CVE-2017-11770
- Title: CVE-2017-11770 | .NET CORE Denial Of Service...
Microsoft Security Update Minor Revisions
Microsoft (Nov 22)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: November 21, 2017
********************************************************************
Summary
=======
The following CVE has been revised in the November 2017 Security
Updates.
* CVE-2017-11882
Revision Information:
=====================
CVE-2017-11882
Title: CVE-2017-11882 | Microsoft Office Memory Corruption...
Microsoft Security Update Releases
Microsoft (Nov 16)
********************************************************************
Title: Microsoft Security Update Releases
Issued: November 16, 2017
********************************************************************
Summary
=======
The following security advisory has been revised in the October 2017
Security Updates.
* ADV170012
Revision Information:
=====================
ADV170012
- Title: ADV170012 | Vulnerability in TPM could allow Security...
Microsoft Security Update Minor Revision
Microsoft (Nov 16)
********************************************************************
Title: Microsoft Security Update Minor Revisions
Issued: November 16, 2017
********************************************************************
Summary
=======
The following CVEs and Security Advisory have been revised in the
November 2017 Security Updates.
* CVE-2017-8700
* CVE-2017-11883
* ADV170020
Revision Information:
=====================
CVE-2017-8700
- Title:...
Funsec — While most security lists ban off-topic discussion, Funsec is a haven for free community discussion and enjoyment of the lighter, more humorous side of the security community
Verizon: 1.5M of Contact Records Stolen, Now on Sale
Jeffrey Walton (Mar 26)
http://www.mobipicker.com/verizon-1-5m-contact-records-stolen-now-sale/:
A business to business telecommunication giant,
Verizon Enterprise Solutions, a Basking Ridge,
New Jersey-based company, has been the latest
victim of a cyber crime that stole 1.5 million contact
records of the customers of Verizon...
I don't quite understand this double talk. Could someone explain to me:
A spokesperson from Verizon said that...
Statement on Lavabit Citation in Apple Case
Jeffrey Walton (Mar 16)
(From John Young on another list):
http://www.facebook.com/KingLadar/posts/10156714933135038
As many of you already know, the government cited the Lavabit case in
a footnote. The problem is their description insinuates a precedent
that was never created. Obviously I was somewhat disturbed by their
misrepresentation. So I decided to draft a statement. And keep in
mind, these are the same people who say "trust us." Click continue to
read...
The NSA's back door has given every US secret to our enemies
Jeffrey Walton (Feb 29)
http://www.businessinsider.com/john-mcafee-nsa-back-door-gives-every-us-secret-to-enemies-2016-2
Deng Xiaoping, in 1979 - his second year as supreme leader of China -
perceived a fundamental truth that has yet to be fully grasped by most
Western leaders: Software, if properly weaponized, could be far more
destructive than any nuclear arsenal.
Under Deng’s leadership, China began one of the most ambitious and
sophisticated meta- software...
Can Spies Break Apple Crypto?
Jeffrey Walton (Feb 27)
Here's an interesting exchange between Cryptome and Michael Froomkin,
Law Professor at University of Miami, on the All Writs Act
(http://cryptome.org/2016/02/can-spies-break-apple-crypto.htm):
-----
A. Michael Froomkin:
The factual posture in the key Supreme Court precedent, New York
Telephone, involved a situation where only the subject of the order
was capable of providing the assistance at issue. This is the basis
for Apple's...
The FBI's iPhone Problem: Tactical vs. Strategic Thinking
Jeffrey Walton (Feb 23)
http://www.technewsworld.com/story/83130.html
I'm an ex-sheriff, and I've been in and out of security jobs for much
of my life, so I've got some familiarity with the issues underlying
the drama between the FBI and Apple. FBI officials -- and likely those
in every other three-letter agency and their counterparts all over the
world -- would like an easier way to do their jobs. Wouldn't we all?
If they could put cameras in...
Wanted: Cryptography Products for Worldwide Survey
Jeffrey Walton (Jan 01)
(http://www.schneier.com/crypto-gram/archives/2015/1215.html):
In 1999, Lance Hoffman, David Balenson, and others published a survey
of non-US cryptographic products. The point of the survey was to
illustrate that there was a robust international market in these
products, and that US-only export restrictions on strong encryption
did nothing to prevent its adoption and everything to disadvantage US
corporations. This was an important contribution...
CERT Advisories — The Computer Emergency Response Team has been responding to security incidents and sharing vulnerability information since the Morris Worm hit in 1986. This archive combines their technical security alerts, tips, and current activity lists.
Adobe Releases Security Updates for Flash Player
US-CERT (Jan 09)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Adobe Releases Security Updates for Flash Player [
https://www.us-cert.gov/ncas/current-activity/2018/01/09/Adobe-Releases-Security-Updates-Flash-Player ] 01/09/2018
04:04 PM EST
Original release date: January 09, 2018
Adobe has released security updates to address a vulnerability in Flash Player. A remote attacker could exploit this
vulnerability to obtain...
Microsoft Releases January 2018 Security Updates
US-CERT (Jan 09)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Microsoft Releases January 2018 Security Updates [
https://www.us-cert.gov/ncas/current-activity/2018/01/09/Microsoft-Releases-January-2018-Security-Updates ] 01/09/2018
04:07 PM EST
Original release date: January 09, 2018
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some
of these vulnerabilities...
MS-ISAC Releases Advisory on PHP Vulnerabilities
US-CERT (Jan 09)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
MS-ISAC Releases Advisory on PHP Vulnerabilities [
https://www.us-cert.gov/ncas/current-activity/2018/01/09/MS-ISAC-Releases-Advisory-PHP-Vulnerabilities ] 01/09/2018
02:14 PM EST
Original release date: January 09, 2018
The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext
Preprocessor (PHP)...
Apple Releases Multiple Security Updates
US-CERT (Jan 08)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Apple Releases Multiple Security Updates [
https://www.us-cert.gov/ncas/current-activity/2018/01/08/Apple-Releases-Multiple-Security-Updates ] 01/08/2018 02:43 PM
EST
Original release date: January 08, 2018
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these
vulnerabilities to obtain access to...
VMware Releases Security Updates
US-CERT (Jan 05)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
VMware Releases Security Updates [
https://www.us-cert.gov/ncas/current-activity/2018/01/05/VMware-Releases-Security-Updates ] 01/05/2018 12:22 PM EST
Original release date: January 05, 2018
VMware has released security updates to address multiple vulnerabilities in vRealize Operations for Horizon, vRealize
Operations for Published Applications, Workstation,...
Mozilla Releases Security Update
US-CERT (Jan 04)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Mozilla Releases Security Update [
https://www.us-cert.gov/ncas/current-activity/2018/01/04/Mozilla-Releases-Security-Update ] 01/04/2018 07:09 PM EST
Original release date: January 04, 2018
Mozilla has released a security update to address a vulnerability in Firefox. An attacker could exploit this
vulnerability to obtain access to sensitive information....
TA18-004A: Meltdown and Spectre Side-Channel Vulnerability Guidance
US-CERT (Jan 04)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
TA18-004A: Meltdown and Spectre Side-Channel Vulnerability Guidance [ https://www.us-cert.gov/ncas/alerts/TA18-004A ]
01/04/2018 01:47 PM EST
Original release date: January 04, 2018
Systems Affected
CPU hardware implementations
Overview
On January 3, 2018, the National Cybersecurity and Communications Integration Center (NCCIC) became aware of a set of
security...
Meltdown and Spectre Side-Channel Vulnerabilities
US-CERT (Jan 03)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Meltdown and Spectre Side-Channel Vulnerabilities [
https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities ] 01/03/2018
10:15 PM EST
Original release date: January 03, 2018
US-CERT is aware of a set of security vulnerabilities, known as Meltdown and Spectre, that affect modern computer
processors. Exploitation of...
VMware Releases Security Updates
US-CERT (Jan 02)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
VMware Releases Security Updates [
https://www.us-cert.gov/ncas/current-activity/2018/01/02/VMware-Releases-Security-Updates ] 01/02/2018 01:13 PM EST
Original release date: January 02, 2018
VMware has released security updates to address vulnerabilities in vSphere Data Protection. A remote attacker could
exploit these vulnerabilities to take control of an...
Mozilla Releases Security Update for Thunderbird
US-CERT (Dec 25)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Mozilla Releases Security Update for Thunderbird [
https://www.us-cert.gov/ncas/current-activity/2017/12/25/Mozilla-Releases-Security-Update-Thunderbird ] 12/25/2017
07:05 PM EST
Original release date: December 25, 2017
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could
exploit some of these...
North Korean Malicious Cyber Activity
US-CERT (Dec 21)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
North Korean Malicious Cyber Activity [
https://www.us-cert.gov/ncas/current-activity/2017/12/21/North-Korean-Malicious-Cyber-Activity ] 12/21/2017 10:45 AM
EST
Original release date: December 21, 2017
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware
variants, referred to as BANKSHOT, used by the...
Google Releases Security Update for Chrome
US-CERT (Dec 14)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Google Releases Security Update for Chrome [
https://www.us-cert.gov/ncas/current-activity/2017/12/14/Google-Releases-Security-Update-Chrome ] 12/14/2017 09:09 PM
EST
Original release date: December 14, 2017
Google has released Chrome version 63.0.3239.108 for Windows, Mac, and Linux. This version addresses a vulnerability
that an attacker could exploit to take...
Apple Releases Security Updates for iOS and tvOS
US-CERT (Dec 13)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Apple Releases Security Updates for iOS and tvOS [
https://www.us-cert.gov/ncas/current-activity/2017/12/13/Apple-Releases-Security-Updates-iOS-and-tvOS ] 12/13/2017
05:51 PM EST
Original release date: December 13, 2017
Apple has released security updates to address a HomeKit vulnerability in iOS and tvOS. A remote attacker could exploit
this vulnerability to...
Transport Layer Security (TLS) Vulnerability
US-CERT (Dec 13)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Transport Layer Security (TLS) Vulnerability [
https://www.us-cert.gov/ncas/current-activity/2017/12/13/Transport-Layer-Security-TLS-Vulnerability ] 12/13/2017 10:46
AM EST
Original release date: December 13, 2017
CERT Coordination Center (CERT/CC) has released information on a Transport Layer Security (TLS) vulnerability.
Exploitation of this vulnerability could...
Apple Releases Security Updates
US-CERT (Dec 12)
U.S. Department of Homeland Security US-CERT
National Cyber Awareness System:
Apple Releases Security Updates [
https://www.us-cert.gov/ncas/current-activity/2017/12/12/Apple-Releases-Security-Updates ] 12/12/2017 07:38 PM EST
Original release date: December 12, 2017
Apple has released security updates to address vulnerabilities in AirPort Base Station. An attacker could exploit some
of these vulnerabilities to take control of an affected...
Open Source Security — Discussion of security flaws, concepts, and practices in the Open Source community
JSONRPC vulnerability in Electrum 2.6 to 3.0.4
Thomas Voegtlin (Jan 10)
A vulnerability has been found in Electrum, and patched in version
3.0.5. Please update your software if you are running an earlier version.
The following is a copy of the summary and guidelines we posted on our
website: https://github.com/spesmilo/electrum-docs/blob/master/cve.rst
A CVE number for the issue has been requested 2 days ago, and has not
been attributed yet.
JSONRPC vulnerability in Electrum 2.6 to 3.0.4...
WebKitGTK+ Security Advisory WSA-2018-0001
Carlos Alberto Lopez Perez (Jan 10)
------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0001
------------------------------------------------------------------------
Date reported : January 10, 2018
Advisory ID : WSA-2018-0001
Advisory URL : https://webkitgtk.org/security/WSA-2018-0001.html
CVE identifiers : CVE-2017-5753, CVE-2017-5715.
Several vulnerabilities were...
CVE-2017-15717: Insufficient XSS protection for HREF attributes in Apache Sling XSS Protection API
Radu Cotescu (Jan 10)
Severity: High
Vendor: The Apache Software Foundation
Versions Affected:
Apache Sling XSS Protection API 1.0.4 to 1.0.18,
Apache Sling XSS Protection API Compat 1.1.0,
Apache Sling XSS Protection API 2.0.0
Description:
A flaw in the way URLs are escaped and encoded in the
org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and
org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted
URLs to pass as valid,
although they carry...
CVE-2017-18016 - Paritytech Parity Ethereum built-in Dapp Browser <= v1.6.10 webproxy token reuse same-origin policy bypass
oststrom (public) (Jan 09)
VuNote
======
Author: <github.com/tintinweb>
Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016
[5]
Version: 0.3
Date: Jun 16th, 2017
Tag: parity same origin policy bypass webproxy token reuse
Overview
--------
Name: parity
Vendor: paritytech
References: * https://parity.io/ [1]
Version: 1.6.8
Latest Version: 1.7.12 (stable) - fixed
1.8.5 (beta)...
[SECURITY] CVE-2017-9796 Apache Geode OQL bind parameter vulnerability
Anthony Baker (Jan 09)
CVE-2017-9796 Apache Geode OQL bind parameter vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Apache Geode 1.0.0 through 1.2.1
Description:
A malicious user with read access to specific regions within a Geode
cluster may execute OQL queries containing a region name as a bind
parameter that allow read access to objects within unauthorized
regions.
Mitigation:
Users of the affected versions should...
[SECURITY] CVE-2017-12622 Apache Geode gfsh authorization vulnerability
Anthony Baker (Jan 09)
CVE-2017-12622 Apache Geode gfsh authorization vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Apache Geode 1.0.0 through 1.2.1
Description:
When an authenticated user connects to a Geode cluster using the gfsh
tool with HTTP, the user is able to obtain status information and
control cluster members even without CLUSTER:MANAGE privileges.
Mitigation:
Users of the affected versions should upgrade...
[SECURITY] CVE-2017-9795 Apache Geode OQL method invocation vulnerability
Anthony Baker (Jan 09)
CVE-2017-9795 Apache Geode OQL method invocation vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Apache Geode 1.0.0 through 1.2.1
Description:
A malicious user with read access to specific regions within a Geode
cluster may execute OQL queries that allow read and write access to
objects within unauthorized regions. In addition a user could invoke
methods that allow remote code execution....
Re: Own on install. How grave it is?
Kurt Seifried (Jan 09)
One thing to keep in mind: most operating systems can have their
install media updated, e.g. Windows slipstream where you make an
install media with all available updates, or you can install updates
without a network trivially (e.g. for RPM/DPKG based systems just have
a USB key with a copy of the updates and install them). To say nothing
of using orchestration tools that essentially can take care of it
themselves, or generating master images...
Re: Own on install. How grave it is?
Simon McVittie (Jan 09)
I think Georgi was more concerned about the installation having a secure
design, but an insecure (vulnerable) implementation appearing on the
installation media due to either unfixed vulnerabilities, or
vulnerabilities that were fixed elsewhere but not on the installation
media?
For instance, the Debian installer installs packages from the install
media (CD, USB stick, whatever), then immediately updates them
from the Internet if possible; but...
Re: Own on install. How grave it is?
Michal Hrušecký (Jan 09)
Hi,
we are manufacturers of Turris Omnia routers and our approach to minimise those attacks is that on factory reset, your
wan and wifi is disconnected till you setup your router. So your workflow after factory reset has to be connect locally
via wire, setup your own password and then recommended steps are suggested in this order - setup wan, update, setup
wifi. In theory somebody can beat you on LAN, but you should have enough common sense to...
Re: Own on install. How grave it is?
Kurt Seifried (Jan 09)
Many OS installs/etc take a password during install, either manually
(e.g. prompting you at the command line), or the OS is installed using
tools that allow a password to be set (e.g. Red Hat kickstarter,
Satellite, CloudForms).
In general if an OS install does NOT give you any way to set a
password during install and forces you to install the product, boot it
and then login with blank credentials and set a password you end up
with a CVE since a...
Own on install. How grave it is?
Georgi Guninski (Jan 09)
[don't know if this is ontopic. Not on the list so CC me].
This is well known, haven't seen it discussed.
In short doing clean install (factory defaults) has a window of
opportunity when the device is vulnerable to a known network attack.
It used to be common sense to reinstall after compromise (probably
doesn't apply to the windows world where the antivirus takes care).
All versions of windoze are affected by the SMB bug to my...
CVE-2012-3353: Apache Sling Content Loading Vulnerability
Bertrand Delacretaz (Jan 08)
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Sling JCR ContentLoader 2.1.4
Description:
The Apache Sling JCR ContentLoader 2.1.4 XmlReader
used in the Sling JCR content loader module makes it
possible to import arbitrary files in the content repository,
including local files, causing potential information leaks.
Mitigation:
Users should upgrade to version 2.1.6 of the JCR ContentLoader
Re: Path traversal flaws in awstats 7.6 and earlier.
Stefan Pietsch (Jan 07)
The awstats GitHub page has version 7.6:
https://github.com/eldy/awstats/tags
By not releasing a new version of awstats it gets unnecessarily
difficult to track the fix in distributions.
The author has proven that he is not able to handle security issues well
when I contacted him last year.
(https://github.com/Dolibarr/dolibarr/issues/6504)
On the project's security page there is no update so far:...
Re: Path traversal flaws in awstats 7.6 and earlier.
John Lightsey (Jan 06)
I'd agree with you there. Whenever we report security issues to upstream
developers, we have no control over the process they use to resolve the
issue.
In this case, the upstream author committed a partial fix to a public
repo soon after we reported the problem. In my view, whenever an
upstream author does this, you just consider the issue to be public
whether or not official releases or announcements have been made.
I'll pass your...
Secure Coding — The Secure Coding list (SC-L) is an open forum for the discussion on developing secure applications. It is moderated by the authors of Secure Coding: Principles and Practices.
Silver Bullet 123: Yanek Korff
Gary McGraw (Jul 06)
hi sc-l,
The latest installment of Silver Bullet was posted this morning. Silver Bullet episode 123 features a conversation
with Yanek Korff. Yanek worked for many years at Cigital as a system administrator back in the early days. He then
moved on to operational security work at AOL and running managed security services at Mandiant.
We talk about managing technical people in this episode. We also discuss operational security. Have a...
Educause Security Discussion — Securing networks and computers in an academic environment.
Re: Dept of Edu Letters DOE sending letters about nonpublic info disclosures from Rasputin SQLi attack
Aube, Jane M. (Jan 10)
Hi all,
Passing along the below information from NASFAA regarding unsolicited PII received via unencrypted email being a
reportable breach discussion:
From: NASFAA Today's News [mailto:news () nasfaa org]
Sent: Thursday, January 4, 2018 8:03 AM
Subject: Today's News for January 4, 2018
NEWS FROM NASFAA
Schools Not Required to Report Unsolicited Personally Identifiable Information-For
Now<...
Re: GDPR Question
Adam Menos (Jan 09)
ISACA had provided this template for GDPR.
Adam Menos
Director of Information Security
116 S Michigan Ave | Chicago, IL 60603
Office: 312.499.4031
<mailto:amenos () artic edu> amenos () artic edu
<http://www.artic.edu/> AIC <http://www.saic.edu/> SAIC
<http://www.artic.edu/>
**** No member of the Information Services Department will ever request
password information via email ! Please contact TSS or CRIT...
Re: Anyone know what happened to the DNSCrypt website?
Mike Beane (Jan 09)
Harry - I looked quickly yesterday at the WHOIS and the account showed an
UPDATE on 1/6/2018. Unsure of the circumstances.
*Mike Beane*
IT Infrastructure Manager
*Ph: *207-941-7613
*Husson University*
1 College Circle
Bangor ME 04401
Re: GDPR Question
Joanna Grama (Jan 08)
I echo Chris' comments about the NACUA GDPR presentation at their annual meeting. It was quite informative!
Some of those same attorneys presented at the EDUCAUSE annual conference this past fall as well. You can find their
handouts at the bottom of this page:
https://events.educause.edu/annual-conference/2017/agenda/the-new-eu-general-data-protection-regulations-what-it-specialists-need-to-know
Kind regards,
Joanna
Joanna Grama, JD,...
Re: GDPR Question
Chris Garriss (Jan 08)
National Association of College and University Attorneys had a quite
nice presentation at their annual meeting last year that addressed this
very issue. Short answer - anyone in EU, citizen or no, is covered.
This includes study abroad, and can raise some interesting issues.
Re: GDPR Question
Ben Marsden (Jan 08)
How much of the DPD (GDPR's predecessor) case law can be applied to the
GDPR? David ( and Brad / others) suggests "consulting with a lawyer who
has a demonstrable track-record" which is fine, except for the part where
I don't think anyone can have a track record or real sense of the
operational risk -- or which bits of data are covered in outlier scenarios
-- until some of this starts getting actively litigated.
(Side wish,...
Minnesota State seeks Cloud Security Architect
Ladwig, John M (Jan 08)
The land of the January thaw is beckoning... note the application process and link at end of posting.
-jml
Job description
Job Summary
Minnesota State is seeking a Cloud Security Architect to join its Information Security Risk & Compliance team. This
team provides information security services to the Minnesota State system office and all 37 colleges and universities
of the Minnesota State system.
As a Security Architect you will help...
Re: GDPR Question
Jennifer Svensson (Jan 08)
Hi All,
Please find attached a recent white paper on GDPR Compliance that my
company, Lookout, recently published. This is not meant to be 'salesy' at
all, just sharing given the relevancy.
Thank you.
Kind Regards,
Re: GDPR Question
Brad Judy (Jan 08)
For the literal specifics of how the law is applying to data processors outside of the EU, this is the text on
territorial scope for processors outside of the EU (there’s a different statement for processors within the EU):
Article 3:
2. This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or
processor not established in the Union, where the processing activities are related to:...
Re: GDPR Question
Adam Maynard (Jan 08)
Article 3(2):
“This regulation applies to the processing of personal data of data subjects who are in the Union by a controller or
processor not established in the Union, where the processing activities are related to:
a. The offering of goods or services, irrespective of whether a payment of the data subject is required, to such data
subjects in the Union; or
b. The monitoring of their behavior as far as their behavior takes place within...
Re: GDPR Question
David Sheryn (Jan 08)
Hi John,
As per my previous email (which seems to have gone MIA), the terms “resident” or “citizen” don’t appear in the GDPR.
Roughly, if a “Data Controller” is based in the EU, then all personal data that they process is subject to GDPR,
regardless of where they process it or where it comes from/how they got it in the first place. “Personal Data” created
in the EU (likely to occur if a data subject is present in the EU for...
Re: GDPR Question
Brad Judy (Jan 08)
I don’t think there’s consensus on some of the statements made in that particular webcast. The law is about where
subjects reside, so the idea that data about a US resident transmitted from the EU to the US would be in-scope of this
law doesn’t fit with most of the reading/listening I have done on the topic. I personally felt the speaker for that
session took a hardline compared to the other commentaries I have seen on the topic.
Brad...
Re: GDPR Question
John Denune (Jan 08)
Brad,
From the EDUCAUSE/Tambellini Group webinar, one of the scenarios presented involved a US faculty member visiting
Finland on sabbatical. While in Finland, the scenario concluded that:
* All personal data the faculty member sends back to the home institution falls under GDPR
* This includes the personal data of her US PhD students that she may send back to the US
* This also may include all personal data she has with her when...
Re: GDPR Question
Brad Judy (Jan 08)
In the case of GDPR, I strongly recommend working with legal counsel about how your institution wishes to handle it.
International extra-jurisdictional law is an interesting space and while I think there is some consistency on the
interpretation of the intent of GDPR, it seems like different institutions have different views of what that means for
them.
As to Ben’s point about the law not applying to EU citizens residing outside the EU...
Re: GDPR Question
Ben Marsden (Jan 08)
expanding a bit (and with the standard IANAL caveat, it is my evolving
understanding that...), the regulation also states that EU citizens living
abroad (ie, outside EU-covered states) are NOT covered by the regulation
while they remain abroad. Ie. ex-pats aren't covered, so your faculty
members who may have EU citizenship but live & work at your US-based
institution are not covered by GDPR (erm, unless they go visit the homeland
and...
NANOG — The North American Network Operators' Group discusses fundamental Internet infrastructure issues such as routing, IP address allocation, and containing malicious activity.
GAO Report: FCC Should Improve Monitoring of Industry Efforts to Strengthen Wireless Network Resiliency
Sean Donelan (Jan 10)
https://www.gao.gov/products/gao-18-198
FCC Should Improve Monitoring of Industry Efforts to Strengthen Wireless
Network Resiliency
What GAO Found
The number of wireless outages attributed to a physical incident—a natural
disaster, accident, or other manmade event, such as vandalism—increased
from 2009 to 2016, as reported to the Federal Communications Commission
(FCC). During this time, the number of outages substantially increased...
ICANN 61 San Juan - TechDay Call for Presentations
Jacques Latour (Jan 10)
Call for Presentations
TechDay
at ICANN 61
in San Juan, PR
The ICANN Tech Working Group is again planning a technical workshop at
the ICANN 61 meeting on Monday 2018-03-12 in San Juan, Puerto Rico.
The TechDay workshop has been a part of ICANN meetings for several
years and has provided a forum for both...
Re: Comparison of freeware open source switch software?
Raymond Burkholder (Jan 09)
I believe that is Cumulus' business model where they ride the
requirement for the Broadcom license. So part of the license fee is for
Broadcom and part is for Cumulus.
Cumulus has used their licensing fees to develop and maintain tooling
for their ecosystem. In that process, they have released many of their
tools to the opensource world. Things like ifupdown2 and Free Range
Routing are a result of that model.
Pica8 does something...
Re: Comparison of freeware open source switch software?
Andrey Khomyakov (Jan 09)
My understanding is the same as Ricky's. At least in the Broadcom world, you
have to license the SDK from Broadcom in order to develop against it and,
more importantly, have documentation of which register does what. I don't
know if you need to license it to program the ASIC (assuming you can do it
without SDK in a sensible fashion).
My understanding was that when you buy software such as Cumulus Linux, what
you are actually paying for...
Re: Comparison of freeware open source switch software?
Oliver O'Boyle (Jan 09)
https://www.opennetworking.org/
Hardware works quite well. I have a number of whitebox units deployed based
off their designs and will be ordering more.
Re: Comparison of freeware open source switch software?
Ricky Beam (Jan 09)
On Tue, 09 Jan 2018 02:17:59 -0500, Hank Nussbacher <hank () efes iucc ac il>
wrote:
It's my understanding that there simply is no such thing. Because none of
the HARDWARE has open source code. Sure, anyone can write software to
spirit packets between NICs (linux and *BSD has had that capability for
decades.) But doing that "at scale" with the various manufacturers SoCs
requires vendor specific code to setup and...
Re: GTV-ETH-2-COAX - Is this HomePNA?
Ray Van Dolson (Jan 09)
Apologies for the corporatized email links. Stumbled across the manual
for this device and appears to be UPA DHS based (Powerline -- extended
to work over coax).
Ray
GTV-ETH-2-COAX - Is this HomePNA?
Ray Van Dolson (Jan 09)
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.amazon.com_GefenTV-2DEthernet-2DExtender-2DDiscontinued-2DManufacturer_dp_B0013LYMQ8&d=DwIBAg&c=n6-cguzQvX_tUIrZOS_4Og&r=r4NBNYp4yEcJxC11Po5I-w&m=MLZzcgCKfcPGBwKCi3lSUygoJ78g6KFaevQZoryCq9s&s=HwKmGRftJEcyn2of9m9-zXwj2WV33LsB0QM-dB4cgWU&e=
Looking at doing a one-off extension over RG6 and have these devices in
hand. Anyone know if they're HPNA? Manual I have...
RE: Comparison of freeware open source switch software?
Edwin Pers (Jan 09)
Neat! I'll have to keep my eyes on this in the future, it'd be cool if we could have VyOS handling routing on the
hardware and the vm hosts, would save me a bit of brainpower
-Ed
-----Original Message-----
From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Raymond Burkholder
Sent: Tuesday, January 9, 2018 11:12 AM
To: nanog () nanog org
Subject: RE: Comparison of freeware open source switch software?
<snip>
RE: Comparison of freeware open source switch software?
Raymond Burkholder (Jan 09)
I suppose that could be a fair statement, to a certain degree. But when you strip away all the abstracted things it
does, and get into the core of the product, you find an OpenFlow engine, which at the heart, is a mechanism for
defining traffic rules. Many of those rules translate easily into the kernel's forwarding information base. And the
kernel's FIB can easily be two-way sync'd with hardware.
So, to take this to the...
Re: Blockchain and Networking
Christopher Morrow (Jan 09)
in particular RPKI -> https://tools.ietf.org/html/rfc6810
this part of the problem is BGPsec -> https://tools.ietf.org/html/rfc8205
yes, here's a useful use for blockchains... allocation of random numbers,
and logging of same in a globally available fashion.
Re: Blockchain and Networking
Jörg Kost (Jan 09)
New devices like the former Brocade SLX even has its own hypervisor on
x86-intel and runs an Ubuntu VM for management and monitoring. You can
even install your own things, therefore new applications and purposes
will rise in the future.
I also believe that dockerization will come to the networks and we will
handle routing protocols more like containers that will be linked to the
host-os, adding reseller and namespace capabilities and so...
Re: Blockchain and Networking
William Herrin (Jan 09)
That's a job for ordinary PKI. Any time you have a trusted central
authority to serve as an anchor, ordinary PKI works fine. The RIRs serve as
anchors for who has the right to authorize which prefixes.
A harder task is validating whether your peer is part of a legitimate AS
path to that origin. It's not obvious to me that blockchain could help
solve that problem, but it's at least a problem that isn't solved by
ordinary PKI....
RE: Comparison of freeware open source switch software?
7riw77 (Jan 09)
The overall architecture of openswitch, however, seems (to me) to be focused on software implementations, rather than
hardware.
You probably want to look at SONiC as well, as this is what LinkedIn is using; there are a lot of improvements
currently going into code. For FR Routing, the performance is changing rapidly, as there are a lot of commits going in
just about every week, and the community is quite active.
:-) /r
http://rule11.tech
RE: Comparison of freeware open source switch software?
Raymond Burkholder (Jan 09)
Not necessarily true anymore. Look for SwitchDev, which is incorporated into the Linux kernel, is undergoing
continuous improvement, and allows the kernel to offload forwarding rules to the hardware.
This allows open source software like Open vSwitch and Free Range Routing to work natively/directly with hardware.
http://www.mellanox.com/page/press_release_item?id=1983
https://www.kernel.org/doc/Documentation/networking/switchdev.txt...
Interesting People — David Farber moderates this list for discussion involving internet governance, infrastructure, and any other topics he finds fascinating
Japanese scientists use artificial intelligence to decode thoughts
Dave Farber (Jan 10)
Japanese scientists use artificial intelligence to decode thoughts
https://www.cnbc.com/2018/01/08/japanese-scientists-use-artificial-intelligence-to-decode-thoughts.html
-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription:...
Re Town To Fine Drivers $200 For Taking GPS-Guided Shortcuts...
Dave Farber (Jan 10)
Begin forwarded message:
> From: Richard Crisp <rdcrisp () earthlink net>
> Date: January 10, 2018 at 3:05:48 AM EST
> To: dave () farber net
> Subject: Re: [IP] Town To Fine Drivers $200 For Taking GPS-Guided Shortcuts...
>
> I don’t think this is constitutional
>
> Auto-"corrected" by my IPhone
>
>> On Jan 8, 2018, at 2:29 PM, Dave Farber <dave () farber net> wrote:
>>...
Re Warren Buffett: trickle down doesn’t work
Dave Farber (Jan 09)
Begin forwarded message:
> From: Michael Robertson <mr () michaelrobertson com>
> Date: January 7, 2018 at 9:49:55 PM EST
> To: David Farber <dave () farber net>
> Cc: ip <ip () listbox com>
> Subject: Re: [IP] Warren Buffett: trickle down doesn’t work
>
> – In 1990 1.8 billion people lived in extreme poverty.
> – 25 years later that number is more than 1 billion lower (766 million in extreme...
MacMillan CEO responds to Trump's Cease & Desist Order re publishing of Fire and Fury
Dave Farber (Jan 09)
---------- Forwarded message ---------
From: Kimi Wei <kimi () thewei com>
Date: Tue, Jan 9, 2018 at 6:52 PM
Subject: MacMillan CEO responds to Trump's Cease & Desist Order re
publishing of Fire and Fury
To: David Farber <dave () farber net>
https://www.techdirt.com/articles/20180108/20341838963/publisher-not-all-impressed-trumps-defamation-threat-letter-promises-to-defend-first-amendment.shtml
Publisher Not At All...
In America, Prisoners with Money Can Pay Their Way to a Nicer Stay | Alternet
Dave Farber (Jan 09)
https://www.alternet.org/human-rights/america-prisoners-money-can-pay-their-way-nicer-stay
Special Waste Transport
Raul (Jan 09)
How to Fix Facebook - Before It Fixes Us
Dave Farber (Jan 08)
---------- Forwarded message ---------
From: Dewayne Hendricks <dewayne () warpspeed com>
Date: Mon, Jan 8, 2018 at 5:19 AM
Subject: [Dewayne-Net] How to Fix Facebook - Before It Fixes Us
To: Multiple recipients of Dewayne-Net <dewayne-net () warpspeed com>
[Note: This item comes from friend David Rosenthal. DLH]
How to Fix Facebook—Before It Fixes Us
An early investor explains why the social media platform’s business model
is...
New Rules Announced for Border Inspection of Electronic Devices
Dave Farber (Jan 08)
---------- Forwarded message ---------
From: Charley Kline <csk () mail com>
Date: Mon, Jan 8, 2018 at 6:46 PM
Subject: For IP: New Rules Announced for Border Inspection of Electronic
Devices
To: Dave Farber <dave () farber net>
https://threatpost.com/new-rules-announced-for-border-inspection-of-electronic-devices/129361/
The U.S. Customs and Border Patrol announced new restrictions on when
agents can copy data from digital devices...
Town To Fine Drivers $200 For Taking GPS-Guided Shortcuts...
Dave Farber (Jan 08)
---------- Forwarded message ---------
From: the keyboard of geoff goodfellow <geoff () iconia com>
Date: Mon, Jan 8, 2018 at 5:15 PM
Subject: Town To Fine Drivers $200 For Taking GPS-Guided Shortcuts...
To: E-mail Pamphleteer Dave Farber's Interesting People list <ip () listbox com>
http://newyork.cbslocal.com/2018/01/05/leonia-streets-off-navigational-apps/
a question on Net neutrality -- the Judo aproach
Dave Farber (Jan 08)
Begin forwarded message:
> From: "Ed Gerck, Ph.D." <egerck () gmail com>
> Date: January 6, 2018 at 7:23:23 PM EST
> To: David Farber <dave () farber net>
> Subject: a question on Net neutrality -- the Judo aproach
>
> [Dave: for IP with your consideration]
>
> In Judo, if the opponent pushes then you pull. You use the opponent's force against him. Here one can see the same
> issue on lack...
A bit deeper than usual: analysis of the performance of social media in 2016 politics
Dave Farber (Jan 08)
---------- Forwarded message ---------
From: Andy Oram <andyo () oreilly com>
Date: Mon, Jan 8, 2018 at 3:00 PM
Subject: A bit deeper than usual: analysis of the performance of social
media in 2016 politics
To: Dave Farber <farber () gmail com>
This struck me as a long but fascinating article from someone who clued
into the manipulation of fake news on social media early. In addition to
detailed additions to what we already know...
Intels analysis of speculative execution-sidechannels
Dave Farber (Jan 08)
> https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf
>
> <https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf>
>
>
Re Warren Buffett: trickle down doesn’t work
Dave Farber (Jan 07)
> Begin forwarded message:
>
> From: Chris Beck <cbeck () pacanukeha net>
> Subject: Re: [IP] Warren Buffett: trickle down doesn’t work
> Date: January 7, 2018 at 7:14:33 PM EST
> To: Dave Farber <dave () farber net>, shannonm () gmail com, Dewayne Hendricks <dewayne () warpspeed com>
>
> On 7 January 2018 at 16:54, Dave Farber <dave () farber net <mailto:dave () farber net>> wrote:
>...
Trump is now dangerous – that makes his mental health a matter of public interest
Dave Farber (Jan 07)
> Begin forwarded message:
>
> From: Brian Randell <brian.randell () newcastle ac uk>
> Subject: Trump is now dangerous – that makes his mental health a matter of public interest
> Date: January 7, 2018 at 6:32:22 PM EST
> To: Dave Farber <dfarber () me com>
> Cc: Brian Randell <brian.randell () newcastle ac uk>
>
> H Dave:
>
> For IP if you wish.
>
> Today’s Observer (a UK national...
Warren Buffett: trickle down doesn’t work
Dave Farber (Jan 07)
---------- Forwarded message ---------
From: <shannonm () gmail com>
Date: Sun, Jan 7, 2018 at 4:00 PM
Subject: Warren Buffett: trickle down doesn’t work
To: Dewayne Hendricks <dewayne () warpspeed com>, Dave Farber <dave () farber net>
Thought this may be of interest. Not sure how it can change anything at
this point.
Most experts and studies say the tax bill is a disaster...
The RISKS Forum — Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.
Risks Digest 30.52
RISKS List Owner (Dec 28)
RISKS-LIST: Risks-Forum Digest Tuesday 26 December 2017 Volume 30 : Issue 52
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.52>
The current issue can also...
Risks Digest 30.50
RISKS List Owner (Nov 22)
RISKS-LIST: Risks-Forum Digest Wednesday 22 October 2017 Volume 30 : Issue 50
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.50>
The current issue can also...
Risks Digest 30.49
RISKS List Owner (Nov 07)
RISKS-LIST: Risks-Forum Digest Tuesday 7 November 2017 Volume 30 : Issue 49
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.49>
The current issue can also be...
Risks Digest 30.48
RISKS List Owner (Oct 19)
RISKS-LIST: Risks-Forum Digest Thursday 19 October 2017 Volume 30 : Issue 48
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.48>
The current issue can also...
Risks Digest 30.47
RISKS List Owner (Sep 29)
RISKS-LIST: Risks-Forum Digest Friday 29 September 2017 Volume 30 : Issue 47
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.47>
The current issue can also...
Risks Digest 30.46
RISKS List Owner (Sep 11)
RISKS-LIST: Risks-Forum Digest Monday 11 September 2017 Volume 30 : Issue 46
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.46>
The current issue can also...
Risks Digest 30.44
RISKS List Owner (Aug 31)
RISKS-LIST: Risks-Forum Digest Thursday 31 August 2017 Volume 30 : Issue 44
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.44>
The current issue can also be...
Risks Digest 30.43
RISKS List Owner (Aug 14)
RISKS-LIST: Risks-Forum Digest Monday 14 August 2017 Volume 30 : Issue 43
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.43>
The current issue can also be...
Risks Digest 30.42
RISKS List Owner (Aug 07)
RISKS-LIST: Risks-Forum Digest Monday 7 August 2017 Volume 30 : Issue 42
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.42>
The current issue can also be...
Risks Digest 30.41
RISKS List Owner (Aug 01)
RISKS-LIST: Risks-Forum Digest Tuesday 1 August 2017 Volume 30 : Issue 41
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.41>
The current issue can also be...
Risks Digest 30.40
RISKS List Owner (Jul 28)
RISKS-LIST: Risks-Forum Digest Friday 28 July 2017 Volume 30 : Issue 40
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.40>
The current issue can also be...
Risks Digest 30.39
RISKS List Owner (Jul 22)
RISKS-LIST: Risks-Forum Digest Saturday 22 July 2017 Volume 30 : Issue 39
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.39>
The current issue can also be...
Risks Digest 30.38
RISKS List Owner (Jul 17)
RISKS-LIST: Risks-Forum Digest Monday 17 July 2017 Volume 30 : Issue 38
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.38>
The current issue can also be...
Risks Digest 30.37
RISKS List Owner (Jul 14)
RISKS-LIST: Risks-Forum Digest Friday 14 July 2017 Volume 30 : Issue 37
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.37>
The current issue can also be...
Risks Digest 30.36
RISKS List Owner (Jul 07)
RISKS-LIST: Risks-Forum Digest Friday 7 July 2017 Volume 30 : Issue 36
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/30.36>
The current issue can also be...
BreachExchange — BreachExchange focuses on all things data breach. Topics include actual data breaches, cyber insurance, risk management, metrics and more. This archive includes its predecessor, the Data Loss news and discussion lists.
Data Breaches Plague Organizations for Years
Audrey McNeil (Jan 10)
https://www.scmagazine.com/data-breaches-plague-organizations-for-years/article/734269/
Once an organization's network is breached, extinguishing the flames is
just the first step in a long, painful and costly journey to recovery.
There's still the wreckage to sift through, investigators to perform
analyses, insurance claims and, of course, a business to reconstruct and
secure. It isn't business as usual once operations are...
5 things healthcare organizations need to consider before embracing BYOD
Audrey McNeil (Jan 10)
http://www.healthcarebusinesstech.com/5-things-healthcare-organizations-need-to-consider-before-embracing-byod/
Bring your own device (BYOD) programs offer healthcare organizations
considerable benefits, but they also come with significant risks. In this
guest post, Brad Spannbauer, senior director of product management and
HIPAA privacy & compliance officer at an internet services provider,
details the potential pitfalls healthcare...
Reacting to a big breach
Audrey McNeil (Jan 10)
https://www.helpnetsecurity.com/2018/01/08/reacting-big-breach/
As I write this, the industry is still wagging its fingers at the latest
big breach. But in the time that it takes to get this published, there
could easily be another colossal security disaster that leaves large
numbers of people’s private information exposed. And with every headline
announcing a security failure comes the anger and blame-storming, a lot of
it from security...
Analysis: Security Elements of 'Trusted Exchange Framework'
Audrey McNeil (Jan 10)
https://www.databreachtoday.com/analysis-security-elements-trusted-exchange-framework-a-10562
Federal regulators have released a draft of a trusted health data exchange
framework with some detailed security components that go beyond HIPAA
requirements. The goal is to advance secure, interoperable health data
exchange nationally so that clinicians have quicker access to potentially
life-saving information from multiple sources.
The voluntary...
Malware-infected beauty shop hadn’t backed up data in 2 years
Audrey McNeil (Jan 10)
https://hotforsecurity.bitdefender.com/blog/malware-infected-beauty-shop-hadnt-backed-up-data-in-2-years-19426.html
Not having a backup and recovery strategy has drastic business
implications, as an online vendor of makeup sponges from California found
out. Known online as ‘beautyblender,’ Rea.deeming Beauty, Inc. sent a
notification to California’s Office of the Attorney General informing the
department that their online shop had been...
Toymaker VTech Settles FTC Privacy Lawsuit For $650,000
Audrey McNeil (Jan 10)
https://www.databreachtoday.com/toymaker-vtech-settles-ftc-privacy-lawsuit-for-650000-a-10565
The U.S. Federal Trade Commission says it has reached a settlement with
Hong Kong toymaker VTech, which in late 2015 exposed sensitive personal
data for millions of children and parents because of a security
vulnerability.
The $650,000 settlement is the first one reached with the maker of an
internet-connected toy over security and privacy concerns,...
How To Ensure A Robust Cyber Security Ecosystem For Your Business
Audrey McNeil (Jan 09)
https://channels.theinnovationenterprise.com/articles/points-to-consider-for-developing-a-robust-cyber-security-ecosystem-for-your-business
Employees in small businesses in the United States alone number 28.8
million, according to the United States Small Business Administration.
Businesses that have fewer than 500 employees represent 99.7% of all
business entities in the United States, employing over 56.8 million people.
The prevalence of small...
Deception will be the security watchword of 2018
Audrey McNeil (Jan 09)
https://www.itproportal.com/features/deception-will-be-the-security-watchword-of-2018/
It’s easy to assume that the future of cyber security will be set by the
ability to discover and defend against advanced new malware. After all, one
of the defining features of 2017’s cyber landscape were the huge WannaCry
and NotPetya attacks, which racked up billions in costs after grinding
organisations around the world to a halt. The attacks both used...
Intelligent defence in the era of global distributed cyber-crime
Audrey McNeil (Jan 09)
https://www.scmagazineuk.com/intelligent-defence-in-the-era-of-global-distributed-cyber-crime/article/708430/
In 2017, we have seen alarming cyber-attacks on a global scale, symptoms of
an organised threat landscape flush with crimeware and exploits with the
potential for worldwide reach. Perhaps the most worrying aspect of the
WannaCry and Petya attacks was that they involved known vulnerabilities
with highly publicised exploits. Yet,...
2018: A Cybersecurity Preview
Audrey McNeil (Jan 09)
https://www.natlawreview.com/article/2018-cybersecurity-preview
As the world rings in 2018, privacy experts collectively brace for a new
year of information security challenges. While ransomware, denial of
service attacks, and endpoint security vulnerabilities will remain top of
mind in 2018, new threats and risk factors will also emerge. Likewise,
traditional hacking threats are likely to be more sophisticated in 2018,
with new and more...
The 5 Motives of Ransomware
Audrey McNeil (Jan 09)
http://www.infosecisland.com/blogview/25021-The-5-Motives-of-Ransomware.html
When 2017 began, we knew that ransomware was going to be a major topic.
However, who would have foreseen the impact of both WannaCry and NotPetya?
WannaCry hit the world on May 12, infecting more than 230,000 systems in
over 150 countries. In the process, it caused havoc in the UK’s National
Health Service, using the EternalBlue exploit that was part of the Vault7...
The new DHS breach illustrates what's wrong with today's cybersecurity practices
Audrey McNeil (Jan 09)
http://thehill.com/opinion/cybersecurity/367949-the-new-dhs-breach-illustrates-whats-wrong-with-todays-cybersecurity
This month, the Department of Homeland Security notified affected employees
about a 2014 breach of 247,167 employee records. There are many interesting
details in the department’s disclosure, including the fact that there was
a six-month privacy investigation between the discovery of the breach and the
notification, and the fact...
Casting an eye on the 2018 cyber landscape
Audrey McNeil (Jan 08)
https://www.itproportal.com/features/casting-an-eye-on-the-2018-cyber-landscape/
The battle lines of cybersecurity have again been redrawn over the past 12
months, having witnessed the continually destructive fallout resulting from
data breaches and endured the biggest ransomware attacks in history. Petya,
NotPetya and WannaCry demonstrate just how easy ransomware is to weaponise
and throw out into the wild, possessing the ability to create...
4 Most Important Security Factors Every Company Should Consider
Audrey McNeil (Jan 08)
http://foundersguide.com/4-most-important-security-factors-every-company-should-consider/
In the corporate world, security is always a primary concern, regardless of
industry or niche. It goes without saying that poor security exposes
businesses to a variety of avoidable risks that could result in significant
losses and/or damage to the company’s current status. However, despite
ongoing efforts to combat cyber criminals, hackers, data theft,...
The Stakes for Protecting Personally Identifiable Information Will Be Higher in 2018
Audrey McNeil (Jan 08)
https://blog.cloudsecurityalliance.org/2018/01/04/stakes-protecting-personally-identifiable-information-will-higher-2018/
While it’s tough to predict what the most significant single threat of 2018
will be, it’s safe to say that 2017 was certainly a wake-up call for both
businesses and consumers when it comes to data breaches. From the rampant
misconfiguration of Amazon S3 data buckets to stolen email credentials, the
number of breaches and...
Metasploit — Development discussion for Metasploit, the premier open source remote exploitation tool
nullcon se7en CFP is open
nullcon (Aug 25)
Dear Friends,
Welcome to nullcon se7en!
$git commit -a <sin>
<sin> := wrath | pride | lust | envy | greed | gluttony | sloth
nullcon is an annual security conference held in Goa, India. The focus
of the conference is to showcase the next generation of offensive and
defensive security technology. We happily open doors to researchers
and hackers around the world working on the next big thing in security
and request...
Ruxcon 2015 Final Call For Presentations
cfp (Jul 05)
Ruxcon 2015 Final Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre
http://www.ruxcon.org.au
The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015.
This year the conference will take place over the weekend of the 24th and 25th of October at the CQ Function Centre,
Melbourne, Australia.
The deadline for submissions is the 15th of September, 2015.
.[x]. About Ruxcon .[x]....
Wireshark — Discussion of the free and open source Wireshark network sniffer. No other sniffer (commercial or otherwise) comes close. This archive combines the Wireshark announcement, users, and developers mailing lists.
Re: bug found in dissector u3v
Weber René (Jan 10)
Much thanks, I'll do this so.
Best Regards
Rene Weber
From: Wireshark-dev [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Pascal Quantin
Sent: Wednesday, 10 January 2018 09:30
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] bug found in dissector u3v
Hi Rene,
On 10 Jan 2018 09:25, "Weber René" <rweber () baumer com> wrote:
Hi,
I have found a little issue in packet-u3v.c – is...
Re: bug found in dissector u3v
Pascal Quantin (Jan 10)
Hi Rene,
On 10 Jan 2018 09:25, "Weber René" <rweber () baumer com> wrote:
Hi,
I have found a little issue in packet-u3v.c – is there someone interested ?
to generate the gencp_transaction_t record is req_id as key used – but the
req_id exists twice :
1. For cmd – ack from host to device
2. For events – (perhaps) acks from device to host
These two different req_id are now mixed and the transactions...
bug found in dissector u3v
Weber René (Jan 10)
Hi,
I have found a little issue in packet-u3v.c – is there someone interested ?
to generate the gencp_transaction_t record is req_id as key used – but the req_id exists twice :
1. For cmd – ack from host to device
2. For events – (perhaps) acks from device to host
These two different req_id are now mixed and the transactions are not correct assigned
Best regards
Rene
Re: Test
Mark Murawski (Jan 09)
So weird! I sent the same message twice, and only when I changed the
url did it go through... perhaps coincidence. Let's see if this reply
makes it through.
Re: Test
Maynard, Chris (Jan 09)
I'm not aware of any constraints with respect to URL's.
Here's a test of your message with the original URL you intended to write; let's see if this goes through ...
- Chris
Hi,
Is there anyone who knows of an updated sharktools that works with the latest wireshark (2.2+) ?
https://github.com/armenb/sharktools
I've contacted the author and haven't heard anything back yet. Is there someone who may be willing to...
Re: Test
Mark Murawski (Jan 09)
What are the constraints for posting on this list? It does look like
url links contained in a post body will cause the post to be completely
blocked with no explanation/notification.
Sharktools
Mark Murawski (Jan 09)
Trying to post this for the third time. I adjusted the url that was
maybe causing my post to get (silently) dropped.
Hi,
Is there anyone who knows of an updated sharktools that works with the
latest wireshark (2.2+) ?
h t t p s github dot com /armenb/sharktools
I've contacted the author and haven't heard anything back yet. Is there
someone who may be willing to help update sharktools to work with modern
wireshark?
I've...
Re: Test
Mark Murawski (Jan 09)
I tried replying to this message with my other (real) message and it's
not going through. It must be tripping some anti-spam filters or
something like that.
Re: Compiling with or without extcap
Guy Harris (Jan 09)
For what it's worth, libpcap 1.8 and later don't require that a local interface be openable before listing it in
pcap_findalldevs(), so, whilst you might still need dumpcap to *capture* packets, it should be possible to *enumerate*
interfaces directly within Wireshark/TShark with libpcap 1.8 and later, as you shouldn't need elevated privileges to
enumerate interfaces. This might speed up the process.
Re: Compiling with or without extcap
Anders Broman (Jan 09)
Hi,
This is run on a standard Windows7 PC with just the default extcaps.
This is the interfaces with the Preference off
C:\Development\wsbuild64>run\RelWithDebInfo\dumpcap.exe -D
1. \Device\NPF_{33D2B022-D2AC-40A3-BE47-C81B4F2EC346} (Wireless Network Connection)
2. \Device\NPF_{F592C5E2-78A5-4C2C-87B5-4BB8682C9020} (Bluetooth Network Connection)
3. \Device\NPF_{F0030874-E9A6-4B3F-8441-45E492FE6157} (Local Area Connection)
And it’s with...
Re: Compiling with or without extcap
Roland Knall (Jan 09)
I have 5 extcaps, and the difference is about half a second. Would be
interesting, what kind of devices you have in your extcap list.
But in general, I still think the main time is loading the rest of
interfaces, extcap is a very small part, just pushed the whole time over
the top.
cheers
Re: Compiling with or without extcap
Anders Broman (Jan 09)
Hi,
Startup time with extcap:
14:29:56.217 Main Info Wireshark is up and ready to go, elapsed time 5485000 us
Startup time with the new extcap parameter OFF
14:30:40.559 Main Info Wireshark is up and ready to go, elapsed time 3521000 us
Still a lot of time is spent with the local interfaces
14:30:39.304 Main Info fill_in_local_interfaces() starts
:
14:30:40.216 Main Info fill_in_local_interfaces() ends, taking 0.912s...
Re: Test
Kennedy, Smith (Wireless & Standards Architec) (Jan 08)
Ack.
Test
Mark Murawski (Jan 08)
I don't believe my last message went through.
Testing
1
2
3
Re: One quick question
Guy Harris (Jan 08)
Are you assuming that epan_get_frame_ts() returns a pointer to a freshly-allocated structure that must be freed when
the caller no longer needs it?
If so, no, it doesn't. You do not need to free the structure.
Snort — Everyone's favorite open source IDS, Snort. This archive combines the snort-announce, snort-devel, snort-users, and snort-sigs lists.
Re: Snort Signature for Meltdown and Spectre location
Joel Esler (jesler) via Snort-sigs (Jan 10)
Edam,
I have verified that they are present in the currently available downloadable Subscriber Snort ruleset available on
Snort.org<http://Snort.org>.
Snort Signature for Meltdown and Spectre location
Edam Colon via Snort-sigs (Jan 10)
Good Day,
I'm trying to find the snort signatures with the SIDs 45357 through 45368 for the Meltdown and Spectre that was
recently released. I see that it is supposed to be in the os-other.rules file but when I access the file the rules are
not there. Any help or direction to those signatures would be greatly appreciated. Thank you!
V/R
Edam
Re: Snort 2.9.11.1 ISSUES since new release on 4-Jan-2017
Joel Esler (jesler) via Snort-users (Jan 10)
Thank you for writing in.
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users
Thanks!
Re: Snort 2.9.11.1 ISSUES since new release on 4-Jan-2017
Rachida Kankpe-Kombath via Snort-users (Jan 09)
Please unsubscribe
Snort Subscriber Rules Update 2018-01-09
Research (Jan 09)
Talos Snort Subscriber Rules Update
Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.
Details:
Microsoft Vulnerability CVE-2018-0758:
A coding deficiency exists in Microsoft Scripting Engine that may lead
to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 45383 through 45384.
Microsoft Vulnerability...
Re: Locating SIDs 45357 through 45368
Joel Esler (jesler) via Snort-sigs (Jan 09)
They are in the subscriber ruleset, available for purchase on Snort.org<http://Snort.org>.
Locating SIDs 45357 through 45368
Edam Colon via Snort-sigs (Jan 09)
Good morning,
I am attempting to locate SIDs 45357 through 45368 in the os-other.rules file as indicated in the notes but I do not
see them there. Is there any help you could provide in obtaining those SIDs. Thank you!
V/R
Edam
Sent from Yahoo Mail on Android
Re: Win.Trojan.Fareit signature
Tyler Montier (Jan 08)
Yaser,
Thanks for your submission. We will review the rules and get back to you
when they're finished.
Since you have pcaps, can you send them our way?
Sincerely,
Tyler Montier,
Cisco Talos
Re: DotNetNuke DreamSlider arbitrary file download signature
Tyler Montier (Jan 08)
Yaser,
Thanks for your submission. We will review the rules and get back to you
when they're finished.
Thanks,
Tyler Montier,
Cisco Talos
Re: CVE-2018-3813 signature
Tyler Montier (Jan 08)
Yaser,
Thanks for your submission. We will review the rules and get back to you
when they're finished.
Thanks,
Tyler Montier,
Cisco Talos
Re: CVE-2017-9097 signature
Tyler Montier (Jan 08)
Yaser,
Thanks for your submission. We will review the rules and get back to you
when they're finished.
Do you have PCAPS available for this CVE?
Thanks,
Tyler Montier,
Cisco Talos
Re: CVE-2017-17974 signatures
Tyler Montier (Jan 08)
Yaser,
Thanks for your submission. We will review the rules and get back to you
when they're finished.
Sincerely,
Tyler Montier,
Cisco Talos
Re: Snort 2.9.11.1 ISSUES since new release on 4-Jan-2017
Lucas K. Smith via Snort-users (Jan 07)
Mark,
Looks like one of the rules in particular (browser-ie.rules on the web management site for pfsense) is failing to load
citing the file is in an invalid format. Have you tried doing a rules force update?
Lucas
Snort 2.9.11.1 ISSUES since new release on 4-Jan-2017
Mark (Jan 07)
Snort Subscriber Rules Update 2018-01-04
Research (Jan 04)
Talos Snort Subscriber Rules Update
Synopsis:
This release adds and modifies rules in several categories.
Details:
Spectre and Meltdown CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754:
A design flaw exists in modern CPUs that may lead to information
disclosure.
Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 45357 through 45368.
For a complete list of new and modified...
We also maintain archives for these lists (some are currently inactive):
Read some old-school private security digests such as Zardoz at SecurityDigest.Org
We're always looking for great network security related lists to archive. To suggest one, mail Fyodor.
|