Vulnerability

XML External Entity Attack

It is a type of attack against an application that parses XML input, and it allows an attacker to interfere with the application's processing of XML data. It occurs when untrusted XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to leakage of confidential data from the server, denial of service, server-side request forgery (SSRF), and port scanning.
The safest way to prevent this is always to disable Document Type Definitions (External Entities) completely.
If it is not possible to disable DTDs completely, then external entities and external document type definitions must be disabled.

Authored by : Faizan Qazi, TCS Cyber Security

Apache Tomcat Vulnerability (CVE-2019-0232)

Apache Tomcat is an open-source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License Version 2.

Authored by: Binayak Banerjee

Wild exploitation of SAP business application

On May 11, 2016, US-CERT released an alert about a vulnerability in SAP business applications. This vulnerability was first identified back in 2010, and a patch was released at the same time. The vulnerability was being leveraged to exploit the SAP systems of many large organizations.

The question arises: if this vulnerability was patched five years ago, why release an alert again?

To answer that question, we have to refer to a research report by Onapsis, which indicates exploitation of the same vulnerability in the SAP systems of over 36 organizations. The report indicates misuse of the Invoker Servlet, a built-in functionality of the SAP Java platform. The prime reason the exploit worked was that SAP systems were still outdated or misconfigured, which led to the abuse of this vulnerability.

Are you safe from the DROWN attack?

DROWN stands for "Decrypting RSA with Obsolete and Weakened Encryption." You should not panic over the DROWN attack, but affected applications do need to be remediated. It is a serious vulnerability and affects HTTPS, which relies on SSL and TLS. Everyone on the Internet uses these protocols to browse the web, use email, and send instant messages without third parties being able to read the communication. By breaking the encryption, this attack allows an attacker to read or even steal sensitive communications, which may include passwords, credit card information, trade secrets, etc.

The attack is not insignificant and can be launched against high-value targets. Before you work on remediation, you should first determine whether your systems are vulnerable. Fortunately, its remediation is very simple and straightforward: just disable SSL v2 on all servers you have.

WhatsApp Users Vulnerable to vCard Vulnerability

WhatsApp recently claimed to have hit 900 Million monthly active users, but a dangerous security flaw in the web version of the popular instant messaging app puts up to 200 Million of its users at risk.
Yes, the web-based extension of WhatsApp is vulnerable to an exploit that could allow hackers to trick users into downloading malware on their computers in a new and more sophisticated way.
WhatsApp made its web client, WhatsApp Web, available to iPhone users just last month, after first rolling out its web-based instant messaging service for Android, Windows and BlackBerry Phone earlier in the year.
Read more on http://thehackernews.com/2015/09/whatsapp-vcard-vulnerability.html

A New Attack Vector - Cross Site Flashing

Flash applications are used all around the web. These applications can be very complex and insecure. There is no real awareness about Flash security.

What fascinated me into writing this article is the name, i.e. Cross Site Flashing, similar to Cross Site Scripting.

Cross Site Flashing is an incredibly common vulnerability. It occurs when Flash content embedded inside a web application tries to load Flash content from another domain based on the user's input without any validation.

Vulnerability that can lead victim to an Accident

This is the Future of 'Internet of Things'

‘UConnect’ is an infotainment system that brings interactive ability to the in-car radio and telemetric-like controls to car settings.

A vulnerability has been identified which, when exploited, can really mess with your car controls. A group of vulnerability researchers has shown how to remotely hack such a system while sitting in a room miles away.

A vulnerable element in the UConnect device lets anyone who knows the car's IP address gain access from anywhere via the Sprint cellular connection used by UConnect. First, the attacker is able to rewrite the car's head unit firmware to implant malicious code, which is capable of sending custom commands through the CAN bus, the car's internal computer network, to physical components like the engine and wheels.

Vulnerability Management - Step 0

Compliance is critical, necessary and not evil. Every organization wants to meet its compliance requirements, and risk assessments and vulnerability management are key to achieving critical requirements.

Most of the time, organizations see Vulnerability Management as just another checkbox in pursuit of compliance and forget or ignore many of its aspects, or they lack the concrete foundations to carry out a well-drilled and well-oiled Vulnerability Management process, and the process becomes complicated or fails midway. Our job is to make the process as smooth as possible, and sometimes it is better to start at step 0.

libuser - Library Vulnerability in Red Hat 6 and 7

Red Hat has recently patched two vulnerabilities related to the libuser library, which could be exploited by an attacker to escalate privileges to root. libuser is a library that provides read and write access to files like /etc/passwd, which constitute the system user and group database. Researchers at the security firm Qualys discovered this vulnerability. The vulnerability affects all versions of the libuser library included in RHEL 6 and 7. System administrators can apply updates from the operating system vendor to address this vulnerability.
