Symantec end point protection got Owned

Offensive Security has the information. As Offensive  Security was performing a pentest, they noticed that Symantec Endpoint protection had a flaw -one that allows the hacker to escalate security privileges.   This is very bad as it is not a direct execution flaw, but it is a stealth method.   So one never notices as … Read more

Innominate mGuard vulnerability exposed in certain Firmware versions

ICS-cert       has a vulnerability alert: Innominate mGuard firmware Versions 4.0.0 up to Version 8.0.2 Innominate is a German based  company.   Although the vulnerability is a Low profile vulnerability it allows a hacker to learn more about the network and an update to latest firmware is advisable.  Innominate is in the field of … Read more

Easier to steal technology than create your own: China acts

KrebsonSecurity  has a story discussion of an old intrusion. The Iron Dome manufacturers with its successful anti-missile shield found out during 2011-2012 Elisra Group, Israel Aerospace Industries, and Rafael Advanced Systems.   The hackers “Comment Crew”  stole sensitive documents from the networks of the manufacturers over the course of a year.  including a 900 page … Read more

elasticsearch vulnerability helping cause Denial of Service attacks

securelist has the story elasticsearch is an open source Cloud software running on a lot of   cloud companies. As it is a search and analytics engine.   But apparently it has a vulnerability which hackers are abusing. “ including a bot implementing some extraordinary DNS amplification DDoS functionality. Operators of these bots are currently active, … Read more

Bromium says IE browser 2x more attacks than others

Bromium report has the information plus a lot more. Two items of note in the report: 1. the type of exploits occurring in IE, Java and Flash The security system of the Operating system(ASLR and DEP) was exploited in Zero-day attacks in Internet Explorer(IE). The new Adobe Action Script feature was exploited in Flash And … Read more