Posted by Summer of Pwnage on Nov 08
————————————————————————
Cross-Site Scripting vulnerability in Caldera Forms WordPress Plugin
————————————————————————
Jurgen Kloosterman, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in…
Posted by Summer of Pwnage on Nov 08
————————————————————————
YITH WooCommerce Compare WordPress Plugin unauthenticated PHP Object
injection vulnerability
————————————————————————
Yorick Koster, June 2016
————————————————————————
Abstract
————————————————————————
A PHP Object injection…
On November the 2nd we witnessed a new spam campaign delivering emails each with a Word document attachment targeting UK companies. Each email message had the subject “Companies House – new company complaint” and the Word document attachment was titled “Complaint.doc”. When users open the document, this is what they see:
If the user follows the instructions given, the macro in the document will be executed. It will download a file called dododocdoc.exe which will be saved in %temp% as sweezy.exe and then executed. This file is a variant of the TrickBot malware family. Once executed it will install itself in the computer and will inject a dll into the system process svchost.exe. From there it will connect to the command and control server.
This has not been a massive campaign, but it has been targeted to UK companies – we’ve just seen a few hundred e-mails to our clients, and all of them were protected proactively without needing any signature or update. However taking a look at the potential victims, all of the emails were to companies, no home users were targeted, and it turns out that most of them were to businesses in the UK. There were 7 cases in Spain, and one in Belgium, Ireland and Thailand. The campaign was short, the first case happened at 10:55am and the last one at 12:11pm (GMT).
The macro uses PowerShell to execute the malware, which is a common technique that is becoming more and more popular recently, being used in ransomware attacks or even to infect Point of Sale terminals.
From Panda Security we recommend that businesses ensure all software is updated, have a reputable security solution in place and hold regular staff security awareness training.
The post TrickBot, new spam campaign against companies appeared first on Panda Security Mediacenter.
Posted by Nightwatch Cybersecurity Research on Nov 08
[Original at:
https://wwws.nightwatchcybersecurity.com/2016/11/07/crashing-android-devices-with-large-pac-files-cve-2016-6723/]
Summary
Android devices can be crashed forcing a halt and then a soft reboot
by downloading a large proxy auto config (PAC) file when adjusting the
Android networking settings. This can also be exploited by an MITM
attacker that can intercept and replace the PAC file. However, the bug
is mitigated by multiple factors…
Posted by Sanehdeep Singh on Nov 08
Overview
========
* Title : Cross Site Scripting Vulnerability In Verint Impact 360
* Author: Sanehdeep Singh
* Plugin Homepage: http://www.verint.com
* Severity: Medium
* Version Affected: 11.1
* Version patched: Patches available. Contact Vendor
Description
===========
About the Product
=================
Verint Impact 360 is a quality monitoring/call recording, workforce
management, performance management, and eLearning help optimize…
Posted by Pedro Ribeiro on Nov 08
tl;dr
A stack bof in several Dlink routers, which can be exploited by an
unauthenticated attacker in the LAN. There is no patch as Dlink did not
respond to CERT’s requests. As usual, a Metasploit module is in the
queue (see [9] below) and should hopefully be integrated soon.
The interesting thing about this vulnerability is that it affects both
ARM and MIPS devices, so exploitation is slightly different for each type.
Link to CERT’s…
We recently decided to make our DNS infrastructure inside each of our core data centers more robust and therefore installed three virtual servers on three different hypervisors to function as DC-local recursive DNS servers. We chose an unbound DNS recursive resolver for this task, as we had positive experience with it from the past and we already had collectd scripts for its performance monitoring, as well as the necessary puppet modules.
[security bulletin] HPSBUX03665 rev.1 – HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection
MySQL / MariaDB / PerconaDB – Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation
