For penetration testers looking for a stable and supported Linux testing platform, the industry agrees that Kali is the go-to platform. However, if you’d prefer to use Windows as an operating system, you may have noticed that a worthy platform didn’t exist. As security researchers, every one of us has probably spent hours customizing a […]
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: PowerFlex 525 AC Drives Vulnerability: Resource Exhaustion 2. RISK EVALUATION Successful exploitation of this vulnerability could result in resource exhaustion, denial of service, and/or memory corruption. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PowerFlex 525, […]
1 / 2 Show Caption + Hide Caption – (Photo Credit: Photo courtesy of USASOC History Office) VIEW ORIGINAL 2 / 2 Show Caption + Hide Caption – (Photo Credit: Photo courtesy of USASOC History Office) VIEW ORIGINAL Fort Bragg, N.C. (USASOC News Service, March 28, 2019) — Former Special Forces Master Sgt. Roy P. […]
WinRAR, an over 20-year-old file archival utility used by over 500 million users worldwide, recently acknowledged a long-standing vulnerability in its code-base. A recently published path traversal zero-day vulnerability, disclosed in CVE-2018-20250 by Check Point Research, enables attackers to specify arbitrary destinations during file extraction of ‘ACE’ formatted files, regardless of user input. Attackers can easily achieve persistence and code execution by creating malicious archives that extract files to sensitive locations, like the Windows “Startup” Start Menu folder. While this vulnerability has […]
1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE X Vulnerability: Expected Behavior Violation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to feed data over a mirror port and into the mirrored network. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following SCALANCE products are affected: SCALANCE […]
1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Phoenix Contact Equipment: RAD-80211-XD Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute system level commands with administrative privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS According to Phoenix Contact, the following products are […]
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ENTTEC Equipment: Datagate MK2, Storm 24, Pixelator Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could reboot this device allowing a continual denial of service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS ENTTEC reports that […]
FORT BRAGG, N.C. — Sgt. 1st Class Will Lindsay, 33, of Cortez, Colorado, died March 22, 2019, in Kunduz, Afghanistan, as a result of wounds sustained while engaged in combat operations as part of the Operation Freedom’s Sentinel. Lindsay was assigned to 10th Special Forces Group (Airborne), Fort Carson, Colorado.Lindsay was born on Aug. 26, […]
1. EXECUTIVE SUMMARY CVSS v9.3 ATTENTION: Exploitable with adjacent access/low skill level to exploit Vendor: Medtronic Equipment: MyCareLink Monitor, CareLink Monitor, CareLink 2090 Programmer, specific Medtronic implanted cardiac devices listed below Vulnerabilities: Improper Access Control, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker with adjacent short-range […]
Media Advisory#: 19-03-001FORT BRAGG, N.C. (USASOC News Service, March 21, 2019) — Soldiers from the 160th Special Operations Aviation Regiment, U.S. Army Special Operations Aviation Command, were recognized for their contributions to Army aviation in an announcement of the Army Aviation Association of America 2018 award winners.The awards recognize individuals and units for their outstanding […]
