The tenacious EITest malware campaign is being refueled by the fact it is shifting from the Angler exploit kit to the Neutrino exploit kit.
Monthly Archives: May 2016
Fraudsters Stole ¥1.4 Billion from 1,400 Japanese ATMs in Just 3 Hours
In an era where major data hacks are on the rise, it is no surprise breaches on individuals are also up.
In just three hours, over 100 criminals managed to steal ¥1.4 Billion (approx. US$12.7 Million) from around 1,400 ATMs placed in small convenience stores across Japan.
The heist took place on May 15, between 5:00 am and 8:00 am, and looked like a coordinated attack by an international
Linknat VOS2009/VOS3000 SQL injection
Posted by Osama Khalid on May 23
A SQL injection was found in Linknat VOS3000/VOS2009, a popular VoIP
softswitch, that could allow remote attackers to gain access to the
credentials stored in plain-text.
Application: Linknat VOS3000/VOS2009
Versions Affected: 2.1.1.5, 2.1.1.8, 2.1.2.0
Vendor URL: http://www.linknat.com/
Bug: SQLi (with DBA privileges)
Type: Remote
Resolution: Fixed, upgrade to 2.1.2.4
Reference: WooYun-2015-145458 -…
Multiple Reflected XSS vulnerabilities in Infobae Website
Posted by Niemand Nie on May 23
ADVISORY INFORMATION
===================
Title: Multiple Reflected XSS vulnerabilities in Infobae Website
Date published: 2016-20-05
Vendors contacted: No answer received
Vendors website: http://www.infobae.com/
Discovered by: Joel Noguera [Independent Security Researcher]
Severity: Medium
AFFECTED PRODUCT
===================
Infobae it is a website of a famous newspaper from Argentina. It is well
known and has thousand of readers per day….
[RCESEC-2016-001] Postfix Admin v2.93 Generic POST Cross-Site Request Forgeries
Posted by Julien Ahrens on May 23
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
=======================
Product: Postfix Admin
Vendor URL: sourceforge.net/projects/postfixadmin/
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2016-04-23
Date published: 2016-05-21
CVSSv3 Score: 4.6 (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)
CVE: –
2. CREDITS
==========
This vulnerability was discovered and researched by Julien…
MediaLink router MWN-WAPR300N – Several Vulnerabilities
Posted by David Spector on May 23
*MediaLink router MWN-WAPR300N – Several Vulnerabilities*
The vulnerabilities reported here are for the firmware version currently
being shipped by Amazon.com. This is hardware version 2.0, firmware
version V5.07.51_en_MDL01 . I have no knowledge of the behavior of
previous versions of this router. U.S. CERT/CC states that the
vulnerabilities I am reporting here have not previously been reported to
them.
*About*
The MediaLink wireless…
poisoning / hijacking DNS locally of a third party domain: in shared and custom web hosting and in ISP, in automated /custom control panel software
Posted by Bipin Gautam on May 23
Hi,
vulnerability summary : a design / process flaw
Severity : Moderate / High
In most automated control pannel software, for shared and custom web
hosting and in ISP, anyone can register / signup any domain after you
have a paid account for website hosting
– and the dns record of the added domain gets synced indiscriminately
in the local / ISP master DNS name server /resolver (for that
webhosting and ISP locally)
when any local website in…
[ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability
Posted by ERPScan inc on May 23
Application:SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5
Vendor URL: http://SAP.com
Bugs: information disclosure
Sent: 15.09.2015
Reported: 15.09.2015
Vendor response: 16.09.2015
Date of Public Advisory: 09.02.2016
Reference: SAP Security Note 2256846
Author: Vahagn Vardanyan (ERPScan)
Description
1. ADVISORY INFORMATION
Title: SAP NetWeaver AS JAVA – information disclosure vulnerability
Advisory…
[ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability
Posted by ERPScan inc on May 23
Application: SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5
Vendor URL: http://SAP.com
Bugs: SQL injection
Send: 04.12.2015
Reported: 04.12.2015
Vendor response: 05.12.2015
Date of Public Advisory: 09.02.2016
Reference: SAP Security Note 2101079
Author: Vahagn Vardanyan (ERPScan)
Description
1. ADVISORY INFORMATION
Title: SAP NetWeaver AS JAVA – SQL injection vulnerability
Advisory…
Stegano 0.5.4
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.