Recently a hacker identified Vulnerability-related.DiscoverVulnerability the existence of two high-risk bugs and revealed Vulnerability-related.DiscoverVulnerability this information on Reddit ’ s forum posts . The hacker , who uses the alias Cipher0007 , managed to steal Attack.Databreach 200,000 private messages . These messages were exchanged between users/buyers and sellers . ZDNet reports that Cipher0007 disclosed Vulnerability-related.DiscoverVulnerability the vulnerabilities earlier this week and revealed on Reddit that these flaws could be used to steal private messages on AlphaBay . The messages weren ’ t protected by PGP keys , which made it easier for Cipher0007 to steal Attack.Databreach them in such large proportion . Must Read : AlphaBay posted Vulnerability-related.DiscoverVulnerability an official statement on Pastebin in which they admitted Vulnerability-related.DiscoverVulnerability the presence of these bugs and also confirmed that Cipher0007 has hacked Attack.Databreach around 218,000 messages . It must be noted that the hacked messages weren ’ t older than 30 days since the site ’ s system automatically purges messages that are more than 30 days old . To prove that he has managed to infiltrate AlphaBay and stole Attack.Databreach private messages , Cipher0007 posted numerous screenshots too . AlphaBay rewarded Cipher0007 for not selling the flaws or exposing Attack.Databreach the stolen data to the public . Cipher0007 then disclosed Vulnerability-related.DiscoverVulnerability the methods he used to exploit AlphaBay to the company and finally the developers at the trading platform managed to fix Vulnerability-related.PatchVulnerability the flaws . Cellular ” Customers This is not the first time when a Dark Web domain has been hacked

Simon Kenin , a security researcher at Trustwave , was – by his own admission – being lazy the day he discovered Vulnerability-related.DiscoverVulnerability an authentication vulnerability in his Netgear router . Instead of getting up out of bed to address a connection problem , he started fuzzing the web interface and discovered Vulnerability-related.DiscoverVulnerability a serious issue . Kenin had hit upon unauth.cgi , code that was previously tied to two different exploits in 2014 for unauthenticated password disclosure flaws . The short version of the 2014 vulnerability is that an attacker can get unauth.cgi to issue a number that can be passed over to passwordrecovered.cgi in order to receive credentials . Kenin tested their exploits and was able to get his password . [ Learn about top security certifications : Who they 're for , what they cost , and which you need . The following day he started gathering other Netgear devices to test . While repeating the process , he made an error , but that did n't prevent him from obtaining credentials . That accidental discovery Vulnerability-related.DiscoverVulnerability resulted in CVE-2017-5521 . `` After few trials and errors trying to reproduce the issue , I found Vulnerability-related.DiscoverVulnerability that the very first call to passwordrecovered.cgi will give out the credentials no matter what the parameter you send . This is totally new bug that I haven’t seen Vulnerability-related.DiscoverVulnerability anywhere else . When I tested both bugs on different NETGEAR models , I found Vulnerability-related.DiscoverVulnerability that my second bug works on a much wider range of models , '' Kenin explained in a recent blog post . There are at least ten thousand devices online that are vulnerable Vulnerability-related.DiscoverVulnerability to the flaw that Kenin discovered Vulnerability-related.DiscoverVulnerability , but he says the real number could reach the hundreds of thousands , or even millions . `` The vulnerability can be used by a remote attacker if remote administration is set to be Internet facing . However , anyone with physical access to a network with a vulnerable router can exploit it locally . This would include public Wi-Fi spaces like cafés and libraries using vulnerable equipment , '' Kenin wrote . Kenin reached out to Netgear and reported the problems , but it was no easy task . The first advisory listed 18 devices that were vulnerable Vulnerability-related.DiscoverVulnerability , followed by a second advisory detailing an additional 25 models . A few months later , in June 2016 , Netgear finally published an advisory that offered Vulnerability-related.PatchVulnerability a fix for a small subset of the vulnerable devices , and a workaround for others . Eventually , Netgear reported that they were going to fix Vulnerability-related.PatchVulnerability all the unpatched models . They also teamed up with Bugcrowd to improve their vulnerability handling process . Netgear has a status page on the vulnerability , they also provide a workaround for those who ca n't update their firmware yet . It was n't until after the story ran that the PR firm representing Trustwave and pitching the research named Simon Kenin as one who made the discovery Vulnerability-related.DiscoverVulnerability . Netgear issued a statement , downplaying the discovery some Vulnerability-related.DiscoverVulnerability , and reminding users that fixes are available Vulnerability-related.PatchVulnerability for most of the impacted devices . The emailed comments are reprinted below : NETGEAR is aware of the vulnerability ( CVE-2017-5521 ) , that has been recently publicized Vulnerability-related.DiscoverVulnerability by Trustwave . We have been working with the security analysts to evaluate the vulnerability . NETGEAR has published Vulnerability-related.DiscoverVulnerability a knowledge base article from our support page , which lists the affected routers and the available firmware fix Vulnerability-related.PatchVulnerability . Firmware fixes are currently available Vulnerability-related.PatchVulnerability for the majority of the affected devices . To download the firmware release that fixes Vulnerability-related.PatchVulnerability the password recovery vulnerability , click the link for the model and visit the firmware release page for further instructions .

The hacker leaked Attack.Databreach the FBI.GOV accounts that he found in several backup files ( acc_102016.bck , acc_112016.bck , old_acc16.bck , etc ) . Leaked records contain accounts data , including names , SHA1 Encrypted Passwords , SHA1 salts , and emails . The intrusion occurred on December 22 , 2016 , the hacker revealed Vulnerability-related.DiscoverVulnerability to have exploited Vulnerability-related.DiscoverVulnerability a zero-day vulnerability in the Plone Content Management System Going back to 22nd December 2016 , I tweeted about Vulnerability-related.DiscoverVulnerability a 0day vulnerability in Plone CMS which is considered as the most secure CMS till date . The vulnerability resides in Vulnerability-related.DiscoverVulnerability some python modules of the CMS . The hacker noticed that while media from Germany and Russia published the news about the hack , but US based publishers ignored it . According to CyberZeist , the FBI contacted him to pass on the leaks . `` I was contacted by various sources to pass on the leaks to them that I obtained after hacking FBI.GOV but I denied all of them . just because I was waiting for FBI to react on time . They didn ’ t directly react and I don ’ t know yet what are they up to , but at the time I was extracting my finds after hacking FBI.GOV , '' he wrote . The expert added further info on the attack , while experts at the FBI were working to fix Vulnerability-related.PatchVulnerability the issue , he noticed Vulnerability-related.DiscoverVulnerability that the Plone 0day exploit was still working against the CMS backend . ) , but I was able to recon that they were running Vulnerability-related.PatchVulnerability FreeBSD ver 6.2-RELEASE that dates back to 2007 with their own custom configurations . Their last reboot time was 15th December 2016 at 6:32 PM in the evening . `` While exploiting FBI.GOV , it was clearly evident that their webmaster had a very lazy attitude as he/she had kept the backup files ( .bck extension ) on that same folder where the site root was placed ( Thank you Webmaster ! ) , but still I didn ’ t leak out Attack.Databreach the whole contents of the backup files , instead I tweeted out Vulnerability-related.DiscoverVulnerability my findings and thought to wait for FBI ’ s response '' Now let ’ s sit and wait for the FBI ’ s response . I obviously can not publish Vulnerability-related.DiscoverVulnerability the 0day attack vector myself . The hacker confirmed Vulnerability-related.DiscoverVulnerability that the 0-day is offered for sale on Tor by a hacker that goes by the moniker “ lo4fer ” . Once this 0day is no longer being sold , I will tweet out Vulnerability-related.DiscoverVulnerability the Plone CMS 0day attack vector myself . Let ’ s close with a curiosity … CyberZeist is asking you to chose the next target . The hacker is very popular , among his victims , there are Barclays , Tesco Bank and the MI5 .

Huawei has just announced Vulnerability-related.DiscoverVulnerability a new vulnerability that is currently possible on both the Huawei Honor 7 and the Huawei Mate S. This is said Vulnerability-related.DiscoverVulnerability to be a privilege elevation vulnerability that is possible thanks to an arbitrary file upload in Huawei Themes . The vulnerability already has an update ready to fix Vulnerability-related.PatchVulnerability it and devices susceptible to this simply needs to apply Vulnerability-related.PatchVulnerability the latest update to be safe from it . As of right now , we don ’ t have any details about how quickly this update is going out to devices though . Huawei tells Vulnerability-related.DiscoverVulnerability us this vulnerability was initially reported Vulnerability-related.DiscoverVulnerability to Huawei PSIRT by Nicky ( Wu Huiyu ) . Nicky works in Tencent ’ s Security Platform Department and is responsible for finding Vulnerability-related.DiscoverVulnerability vulnerabilities in various products and services . We ’ re told Mr. Wu followed proper protocol to contact Huawei and coordinated the vulnerability disclosure Vulnerability-related.DiscoverVulnerability so they can keep their customers as safe as possible . We ’ re told this vulnerability impacts Vulnerability-related.DiscoverVulnerability the Huawei Honor 7 that is running software versions newer than PLK-UL00C17B385 . Meaning , if you have the Honor 7 from Huawei and have the PLK-UL00C17B385 firmware ( or newer ) , then your device is safe from this attack . This attack is also possible on the Huawei Mate S , but it was fixed Vulnerability-related.PatchVulnerability in software version CRR-L09C432B380 . So again , if you have the Mate S from Huawei and are running the CRR-L09C432B380 firmware ( or newer ) , then you ’ re safe as well . This was not a remote attack and you were only at risk when certain conditions were met . You would have had to have someone trick you into installing a malicious theme on your device for it to infect it . This was possible because of a lack of a “ theme pack check ” since it allowed the theme to include some malicious files which would have been executed once installed

While working on something completely unrelated , Google security researcher , Tavis Ormandy , recently discovered Vulnerability-related.DiscoverVulnerability that Cloudflare was leaking Attack.Databreach a wide range of sensitive information , which could have included everything from cookies and tokens , to credentials . Cloudflare moved quickly to fix Vulnerability-related.PatchVulnerability things , but their postmortem downplays the risk to customers , Ormandy said . The problem on Cloudflare 's side , which impacted Vulnerability-related.DiscoverVulnerability big brands like Uber , Fitbit , 1Password , and OKCupid , was a memory leak . The flaw resulted in the exposure of `` HTTP cookies , authentication tokens , HTTP POST bodies , and other sensitive data , '' Cloudflare said . About an hour after being alerted Vulnerability-related.DiscoverVulnerability by Ormandy , Cloudflare disabled three features on its platform ; email obfuscation , Server-side Excludes and Automatic HTTPS Rewrites , as they were using the broken HTML parser chain determined to be the cause of the problem .

Researchers at Trustwave are warning Vulnerability-related.DiscoverVulnerability of a hidden backdoor in VoIP devices produced by Chinese manufacturer DBL Technology which could allow access by the manufacturer or malicious third parties . The issue is with the authentication process , allowing a remote attacker to gain a shell with root privileges on an affected device , Trustwave researcher Neil Kettle explained Vulnerability-related.DiscoverVulnerability in a blog post . “ The Telnet interface of the GoIP is documented as providing information for users of the device through the use of logins ‘ ctlcmd ’ and ‘ limitsh ’ . However , an additional undocumented user , namely ‘ dbladm ’ is present which provides root level shell access on the device . Instead of a traditional password , this account is protected by a proprietary challenge-response authentication scheme , ” he explained . “ Investigation has shown this scheme to be fundamentally flawed in that it is not necessary for a remote user to possess knowledge of any secret besides the challenge itself and knowledge of the protocol/computation ” . This is apparently in contrast to more secure challenge-response schemes such as password-based log-ins where the user is asked for a password , which is then obscured to guard against “ network interception and replay attacks ” . The issue was first spotted Vulnerability-related.DiscoverVulnerability by Trustwave in an 8 port VoIP GSM Gateway from the company . However , it ’ s since been discovered Vulnerability-related.DiscoverVulnerability present in GoIP 1 , 4 , 8 , 16 and 32 and could affect Vulnerability-related.DiscoverVulnerability many more DBL Technology devices and OEM kit . More worryingly , when contacted last October , the firm did not fix Vulnerability-related.PatchVulnerability the issue . “ Verification of the patched version reveals that the challenge response mechanism is still present in the latest version albeit a little more complex . It seems DBL Technology engineers did not understand that the issue is the presence of a flawed challenge response mechanism and not the difficulty of reverse engineering it , ” explained Kettle . “ The main differences between the latest challenge response mechanism and the older variant is the level of complexity it employs : a simplistic MD5 with a linear equation changed to several 'round ' functions mixed with a modified version of the MD5 hash algorithm ”

A security lapse at content distribution network provider Cloudflare that resulted in customer data being leaked Attack.Databreach publicly for several months was bad - but had the potential to be much worse . That 's Cloudflare 's initial postmortem conclusion after a twelve-day review of log data related to the breach Attack.Databreach . The review showed no evidence that attackers had exploited Vulnerability-related.DiscoverVulnerability the flaw prior to it being discovered Vulnerability-related.DiscoverVulnerability and patched Vulnerability-related.PatchVulnerability , Cloudflare CEO and founder Matthew Prince said in a blog Wednesday . A `` vast majority '' of Cloudflare 's customers also did not appear to have had any of their data leaked Attack.Databreach . Cloudflare ’ s inspection of tens of thousands of pages that were leaked Attack.Databreach from its reverse-proxy servers and cached by search engines revealed a `` large number '' of instances of internal Cloudflare cookies and headers . But so far , according to Prince , there ’ s no evidence that passwords , credit card numbers , and other personal data were compromised as was initially feared . The Cloudflare security snafu stemmed from the manner in which a stream parser application that the company uses to modify content passing through its edge servers handled HTTP requests . The bug caused the parser to read memory not only from the HTML page that was being actually parsed , but also from adjacent memory that contained data in response to HTTP requests made by other customers . The flaw was triggered only when pages with certain specific attributes were requested through Cloudflare ’ s CDN . `` If you had accessed one of the pages that triggered the bug you would have seen what likely looked like random text at the end of the page , '' Prince said . A lot of the leaked data ended up getting cached by search engines and Web scrapers . A security researcher from Google ’ s Project Zero threat hunting team alerted Vulnerability-related.DiscoverVulnerability Cloudfare to the bug last month . The company claimed it fixed Vulnerability-related.PatchVulnerability the problem in a matter of hours after being notified Vulnerability-related.DiscoverVulnerability of the problem . Some have compared the breach to Heartbleed and have even called it Cloudbleed . In his blog , Prince compared the threat posed by the bug to that posed by a stranger eavesdropping on a random conversation between two employees . Most of the time , the stranger would likely hear nothing of value , but occasionally might pick up Attack.Databreach something confidential . The same would have been true for a malicious attacker , who had somehow known about Vulnerability-related.DiscoverVulnerability the bug and exploited Vulnerability-related.DiscoverVulnerability it before Cloudflare ’ s fix Vulnerability-related.PatchVulnerability , he said . The customers most at risk of having their data exposed Attack.Databreach were those that sent the most requests through Cloudflare ’ s CDN . Cloudflare ’ s detailed postmortem and mea culpa evoked a mixed response from security experts . Ilia Kolochenko , CEO of Web security firm High-Tech Bridge praised Prince ’ s effort to be transparent about what went down . `` Even if we can not verify the accuracy of all the numbers inside – for the moment , I don ’ t have a valid reason to question either its content , or conclusion , '' Kolochenko says . In fact , until someone can come up with a credible rebuttal of Cloudflare ’ s internal investigation , it ’ s inappropriate to compare what happened at the company to Heartbleed . `` I ’ d say it ’ s inappropriate even to call this particular incident a 'Cloudbleed , ' '' he says . `` In the Heartbleed case , almost every company in the world , many software vendors including cybersecurity companies , were seriously impacted by the vulnerability . '' Heartbleed also resulted in multiple breaches Attack.Databreach and many organizations continue to be exposed Attack.Databreach to the threat . Neither of those situations applies to the Cloudflare security lapse . `` All avenues of Cloudflare ’ s vulnerability exploitation seems to be mitigated Vulnerability-related.PatchVulnerability by now , '' he says . But Kunal Anand , CTO of application security vendor Prevoty , says the details Cloudflare has shared are n't exactly reassuring . If no sensitive information like credit numbers and Social Security Numbers were leaked Attack.Databreach and the leaked dataset itself was relatively small , there is no reason why Cloudflare should n't share it with a third-party for an unbiased review , he says . `` CloudFlare needs to realize that HTTP headers , including cookies , contain sensitive information like session identifiers , authorization tokens and IP addresses , '' Anand says . `` All of these data points should count as private data . '' CloudFlare has been working with various search engines to purge their caches , but in the process , any evidence of the data that was leaked Attack.Databreach is being deleted as well . That makes it hard to quantify the scope of the data breach Attack.Databreach outside of CloudFlare 's own logs . `` There 's a lot of speculation if nation-state sponsored engines will actually purge the data or copy it for further analysis , '' Anand says .

Warning Vulnerability-related.DiscoverVulnerability the device is susceptible to denial of service attacks , Cisco Systems on Wednesday released Vulnerability-related.PatchVulnerability a patch for its NetFlow Generation Appliance . The flaw traces back to the hardware ’ s Stream Control Transmission Protocol ( SCTP ) used by the appliance , according to a Cisco Security Advisory posted Vulnerability-related.DiscoverVulnerability Wednesday . Cisco warns Vulnerability-related.DiscoverVulnerability the vulnerability , “ could allow an unauthenticated , remote attacker to cause the device to hang or unexpectedly reload , causing a denial of service ( DoS ) condition ” . The bug ( CVE-2017-3826 ) is due to incomplete validation of SCTP packets being monitored on the NGA data ports , Cisco wrote . It impacts Vulnerability-related.DiscoverVulnerability Cisco NetFlow Generation Appliances NGA 3140 , NGA 3240 and NGA 3340 . NetFlow Generation Appliances are located within enterprise data centers and designed to monitor Gigabit Ethernet high-throughput networks . An attacker exploiting the vulnerability , “ could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port . SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability . An exploit could allow the attacker to cause the appliance to become unresponsive or reload , causing a DoS condition , ” Cisco said . While there are no workarounds to fix Vulnerability-related.PatchVulnerability the vulnerability , Cisco is urging users to apply an update that fixes Vulnerability-related.PatchVulnerability the bug , Cisco NetFlow Generation Appliance Software release Vulnerability-related.PatchVulnerability 1.1 ( 1a ) . The company added that the fix does not apply Vulnerability-related.PatchVulnerability to NGA 3140 because that platform was sunsetted January 11 , 2014 . Last month , Cisco patched Vulnerability-related.PatchVulnerability an authentication bypass vulnerability in its Cisco Prime Home hardware . In January , Cisco patched Vulnerability-related.PatchVulnerability a flaw rated critical found in Vulnerability-related.DiscoverVulnerability is WebEx Chrome Plugin , used by tens of millions for web conferencing in business environments , that exposed computers to remote code execution . Cisco Systems released Vulnerability-related.PatchVulnerability a patch Monday to fix Vulnerability-related.PatchVulnerability a critical security vulnerability , with a CVSS rating of 10 , in its Secure Sockets Layer VPN solution called Adaptive Security Appliance

Warning Vulnerability-related.DiscoverVulnerability the device is susceptible to denial of service attacks , Cisco Systems on Wednesday released Vulnerability-related.PatchVulnerability a patch for its NetFlow Generation Appliance . The flaw traces back to the hardware ’ s Stream Control Transmission Protocol ( SCTP ) used by the appliance , according to a Cisco Security Advisory posted Vulnerability-related.DiscoverVulnerability Wednesday . Cisco warns Vulnerability-related.DiscoverVulnerability the vulnerability , “ could allow an unauthenticated , remote attacker to cause the device to hang or unexpectedly reload , causing a denial of service ( DoS ) condition ” . The bug ( CVE-2017-3826 ) is due to incomplete validation of SCTP packets being monitored on the NGA data ports , Cisco wrote . It impacts Vulnerability-related.DiscoverVulnerability Cisco NetFlow Generation Appliances NGA 3140 , NGA 3240 and NGA 3340 . NetFlow Generation Appliances are located within enterprise data centers and designed to monitor Gigabit Ethernet high-throughput networks . An attacker exploiting the vulnerability , “ could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port . SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability . An exploit could allow the attacker to cause the appliance to become unresponsive or reload , causing a DoS condition , ” Cisco said . While there are no workarounds to fix Vulnerability-related.PatchVulnerability the vulnerability , Cisco is urging users to apply an update that fixes Vulnerability-related.PatchVulnerability the bug , Cisco NetFlow Generation Appliance Software release Vulnerability-related.PatchVulnerability 1.1 ( 1a ) . The company added that the fix does not apply Vulnerability-related.PatchVulnerability to NGA 3140 because that platform was sunsetted January 11 , 2014 . Last month , Cisco patched Vulnerability-related.PatchVulnerability an authentication bypass vulnerability in its Cisco Prime Home hardware . In January , Cisco patched Vulnerability-related.PatchVulnerability a flaw rated critical found in Vulnerability-related.DiscoverVulnerability is WebEx Chrome Plugin , used by tens of millions for web conferencing in business environments , that exposed computers to remote code execution . Cisco Systems released Vulnerability-related.PatchVulnerability a patch Monday to fix Vulnerability-related.PatchVulnerability a critical security vulnerability , with a CVSS rating of 10 , in its Secure Sockets Layer VPN solution called Adaptive Security Appliance

A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet . The flaw that allows this to happen is found Vulnerability-related.DiscoverVulnerability in a custom version of GoAhead , a lightweight embedded web server that has been fitted into the devices . This and other vulnerabilities have been found Vulnerability-related.DiscoverVulnerability by security researcher Pierre Kim , who tested one of the branded cameras – the Wireless IP Camera ( P2P ) WIFICAM . The extensive list of devices affected by Vulnerability-related.DiscoverVulnerability the flaw in the custom embedded web server can be found Vulnerability-related.DiscoverVulnerability here , and includes 1250+ camera models from over 300 vendors , including D-Link , Foscam , Logitech , Netcam , and Polaroid . “ This vulnerability allows an attacker to steal credentials , ftp accounts and smtp accounts ( email ) , ” Kim noted Vulnerability-related.DiscoverVulnerability . He also shared Vulnerability-related.DiscoverVulnerability a PoC exploit that leverages the flaw to allow an attacker to achieve root shell on the device . Other vulnerabilities present Vulnerability-related.DiscoverVulnerability include a RTSP server running on the camera ’ s TCP 10554 port , which can be accessed without authentication , allowing attackers to watch what the camera streams . There is also a “ cloud ” functionality that is on by default , through which the camera can be managed via a mobile Android app . The connection between the two is established through UDP , and will be automatically established to any app that “ asks ” if a particular camera is online . Effectively , the attacker just needs to know the serial number of the device . The established UDP tunnel can also be used by the attacker to dump the camera ’ s configuration file in cleartext , or to bruteforce credentials . “ The UDP tunnel between the attacker and the camera is established even if the attacker doesn ’ t know the credentials , ” Kim noted . “ It ’ s useful to note the tunnel bypasses NAT and firewall , allowing the attacker to reach internal cameras ( if they are connected to the Internet ) and to bruteforce credentials . Then , the attacker can just try to bruteforce credentials of the camera ” . Kim advises owners of these devices to disconnect them from the Internet . A simple search with Shodan revealed Vulnerability-related.DiscoverVulnerability that there are 185,000+ vulnerable cameras out there , ready to be hijacked . The vulnerabilities are not in GoAhead , but the custom version of the web server developed by the Chinese OEM vendor , so EmbedThis – the company that develops GoAhead – can do nothing to fix Vulnerability-related.PatchVulnerability this . Interestingly enough , SecuriTeam revealed Vulnerability-related.DiscoverVulnerability today the existence of an arbitrary file content disclosure Vulnerability-related.DiscoverVulnerability vulnerability affecting Vulnerability-related.DiscoverVulnerability older versions of the GoAhead web server . Discovered Vulnerability-related.DiscoverVulnerability by independent security researcher Istvan Toth , the vulnerability can be triggered by sending a malformed request to the web server , and it will disclose device credentials to the attacker in clear text . “ The GoAhead web server is present on multiple embedded devices , from IP cameras to printers and other embedded devices , ” SecuriTeam explained , and urged owners to remove the device from the network , “ or at the very least not allow access to the web interface to anyone beside a very strict IP address range ”