Blog

A potential remote code execution vulnerability has been discovered in the popular GPL-licensed FTP server ProFTPD ProFTPD is running on over a million servers exposed to the internet. It is included in several Linux distros including Debian, Suse and Ubuntu. The flaw, tracked under CVE-2019-12815 lives in the mod_copy module. The flaw allows an unauthenticated user toRead more

Atlassian has released new versions of Jira Server and Jira Data Centre that address a critical vulnerability which has lived in the code for almost 8 years. The vulnerability, CVE-2019-11581 is a server-side template injection vulnerability. According to the security advisory from Atlassian: There was a server-side template injection vulnerability in Jira Server and Data Center,Read more

Microsoft’s July Patch Tuesday updates resolve 77 vulnerabilities in Windows software, including two zero-day vulnerabilities which are being actively exploited and remote code execution vulnerabilities in DHCP Server and MS SQL Server. DHCP Server RCE vulnerability If you have your Microsoft DHCP server configured with a failover server, an attacker can send a specially craftedRead more

The UK National Cyber Security Centre published an advisory this week regarding the ongoing and increasing risk of DNS hijacking. DNS is the system that converts domain names to IP addresses allowing the world wide web to function. Its architecture is designed to be distributed in order to be resilient and stable. This distributed andRead more

Software Supply chain attacks – do you know what you are importing? Many websites and applications routinely import additional code modules from external repositories.  These could be javascript libraries for a webpage or source code for an application. Two recent incidents illustrate the risks of supply chain attacks against the code of your applications andRead more

The record fine of £183,000,000 for a UK data breach signals a new era for the economics of information security. The first fine issued by the UK’s Information Commissioners Office (ICO) under the GDPR regime is 367 times higher than the previous maximum fine levied against Facebook in the aftermath of the Cambridge Analytica scandal.Read more

Checkpoint research have published an interesting demonstration of hacking a customer account for an EA online game by chaining together a series of conventional attacks including social engineering, phishing and session high-jacking.  What makes this demonstration noteworthy is the use of poor DNS hygiene in order to take control of a subdomain of EA.com. ForRead more

The June Patch Tuesday updates from Microsoft included a change to the Bluetooth LE stack which could prevent some of your Bluetooth devices from connecting – and you’ll be glad! When vendors publish specifications, such as the one for Bluetooth LE, it is common practice to include some example code to give adopters an ideaRead more

New versions of Tomcat 7x, 8x and 9x have been issued to fix a vulnerability when running Tomcat on a Microsoft Windows based system.  The vulnerability is related to the challenging way. Windows and Java interact to process and parse command line arguments. The result is a remote code execution vulnerability in the CGI Servlet. TheRead more

Researchers have published details of a newly discovered side channel attack they have named RAMBleed RAMbleed is the latest evolution of attacks building on Row Hammer that allow information in one area of physical memory to be influenced by access made to a different but nearby area of physical memory.  Because Row Hammer and related methodsRead more