Author Archives: Zeljka Zorz

Former SunTrust employee stole data on 1.5 million clients

US commercial bank SunTrust announced on Friday that it has fallen victim to an insider threat, and that records of some 1.5 million of its customers had been extracted from its systems. According to what is known so far and has been shared with investors by the bank’s Chairman and CEO William Rogers, the insider was a former employee who had tried to download customer data and hand it over to a “criminal third party.” Rogers said that … More

The post Former SunTrust employee stole data on 1.5 million clients appeared first on Help Net Security.

FDA plans to improve medical device cybersecurity

The US Food and Drug Administration (FDA) plans to tackle security issues related to medical devices and has released a plan of action it means to implement in the near future. Broadly, the plan is as follows: Establish a robust medical device patient safety net in the US; Explore regulatory options to streamline and modernize timely implementation of postmarket mitigations; Spur innovation towards safer medical devices; Advance medical device cybersecurity; and Integrate CDRH’s premarket and postmarket … More

When BEC scammers specialize

A group of BEC scammers has been focusing its efforts on the global maritime shipping industry, compromising email accounts and attempting to trick targets into delivering considerable sums to bank accounts set up by the group. Secureworks researchers have been tracking the group’s activities for quite a while and have been warning the targets. They estimate that between June 2017 and January 2018, the scammers attempted to steal a minimum of $3.9 million U.S. dollars … More

NIST releases Cybersecurity Framework 1.1

The US Commerce Department’s National Institute of Standards and Technology (NIST) has announced at RSA Conference 2018 the release of version 1.1 of its popular Framework for Improving Critical Infrastructure Cybersecurity, more widely known as the Cybersecurity Framework. The framework was developed with a focus on industries vital to national and economic security, including energy, banking, communications and the defense industrial base. It has since proven flexible enough to be adopted voluntarily by large and … More

How attackers can exploit iTunes Wi-Fi sync to gain lasting control of target devices

An iOS feature called iTunes Wi-Fi sync, which allows a user to manage their iOS device without physically connecting it to their computer, could be exploited by attackers to gain lasting control over the device and extract sensitive information from it. The vulnerability was discovered by Symantec researchers, disclosed to Apple and now to the RSA Conference 2018 attendees and the wider public. Apple has implemented a mechanism that should prevent easy exploitation of the … More

Cisco plugs critical hole in WebEx, users urged to upgrade ASAP

Cisco has fixed a critical vulnerability in its WebEx videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a booby-trapped Flash file shared in a meeting. About the vulnerability (CVE-2018-0112) The flaw is due to insufficient input validation by the Cisco WebEx clients, and affects Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server. (The Cisco WebEx Business Suite (WBS) meeting services and Cisco WebEx Meetings … More

LocalBlox found leaking info on tens of millions of individuals

LocalBlox, a US-based data technology company that “crawls, discovers, extracts, indexes, maps and augments data in a variety of formats from the web and from exchange networks” and ties it all together to create profiles on individuals that contain personal, business and consumer data for marketing purposes, has been found leaking information on tens of millions of individuals. The discovery was made by UpGuard researcher Chris Vickery, who stumbled upon the unsecured Amazon Web Services … More

In preparation for the GDPR, CoSoSys launches Endpoint Protector 5.1

CoSoSys announced the latest update of its award-winning flagship Data Loss Prevention product, Endpoint Protector 5.1, which brings added functionalities to key features and a boost for GDPR compliance. With only a few weeks to go until the EU’s General Data Protection Regulation (GDPR) comes into force on May 25th, companies on both sides of the Atlantic serving European customers are rushing to reach compliance before time runs out. Placing a heavy emphasis on protecting … More

Researchers propose scheme to secure brain implants

A group of researchers from KU Leuven, Belgium, have proposed a practical security scheme that would allow secure communications between a widely used implantable neurostimulator – an electrical brain implant used to treat a number of medical issues – and its external device programmer. Other researchers have already noted that motivated attackers could find ways to hack brain implants due to their poor or inexistent security, and have pointed out that, while the current risk … More

New targeted surveillance spyware found on Google Play

A new targeted surveillance app has been found and booted from Google Play. The app, named Dardesh, posed as a chat application and acted as a downloader for a second app that could spy on users. The Dardesh app was spotted and analyzed by Lookout researchers, who dubbed the malware family Desert Scorpion. How was the app delivered to targets? The malicious Dardesh chat app was apparently downloaded and installed by over a hundred users, … More

Researchers develop algorithm to detect fake users on social networks

Ben-Gurion University of the Negev and University of Washington researchers have developed a new generic method to detect fake accounts on most types of social networks, including Facebook and Twitter. According to their new study in Social Network Analysis and Mining, the new method is based on the assumption that fake accounts tend to establish improbable links to other users in the networks. “With recent disturbing news about failures to safeguard user privacy, and targeted … More

Tech-skilled cybersecurity pros in high demand and short supply

The worldwide cybersecurity skills gap continues to present a significant challenge, with 59 percent of information security professionals reporting unfilled cyber/information security positions within their organization, according to ISACA’s new cybersecurity workforce research. The research is the result of polling 2,300+ cybersecurity professionals who hold ISACA’s Certified Information Security Manager (CISM) and/or Cybersecurity Nexus Practitioner (CSXP). Among the concerning trends revealed in part 1 of the ISACA State of Cybersecurity 2018 Report, released today at … More

US, UK warn Russian hackers are compromising networking devices worldwide

Russian state-sponsored hackers are targeting network infrastructure devices worldwide, the US Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom’s National Cyber Security Centre (NCSC) have warned on Monday. A joint technical alert published by the organizations says that the targets are “primarily government and private-sector organisations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors.” The attackers are compromising routers, switches, firewalls, Network-based Intrusion Detection System … More

Rambus launches fully programmable secure processing core

At RSA Conference 2018, Rambus announced the availability of the CryptoManager Root of Trust (CMRT), a fully programmable hardware security core built with a custom RISC-V CPU. The secure processing core creates a siloed architecture that isolates and secures the execution of sensitive code, processes and algorithms from the primary processor. This mitigates the risk of critical vulnerabilities like the recent Meltdown and Spectre security flaws and allows designers to optimize the primary processor for … More

Moxa plugs serious vulnerabilities in industrial secure router

A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear text passwords, expose sensitive information, trigger a crash, and more. Moxa EDR-810 series flaws The existence of the flaws was revealed when the Cisco Talos team published a post detailing them on Friday. The good news is that they’ve all been fixed, and Moxa is urging users … More

Your Android phone says it’s fully patched, but is it?

How do fully-maintained (i.e., patched) Android phones end up getting exploited? Searching for an answer to that question spurred security researchers to analyze thousands of Android firmwares for the presence of hundreds of patches. Their research led to an unwelcome discovery: most Android vendors regularly forget to include some patches in the security updates provided to users. The research Security Research Labs researchers Jakob Lell and Karsten Nohl explained how they went about making the … More

Security researchers sinkholed EITest infection chain

Security researchers have managed to neutralize “EITest,” one of the oldest infection chains, thus preventing as many as two million potential malicious redirects a day. About EITest EITest relied on compromised websites – mostly WordPress-based, but also using other CMSes – to direct users to exploit kit landing pages and social engineering schemes, which then delivered a wide variety of malware. It has been in use, on and off, since at least 2011. “Shortly … More

Real-time detection of consumer IoT devices participating in DDoS attacks

Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do something about it? A group of researchers from Princeton University have presented some encouraging results showing that the first part of that equation can be relatively easily solved. As IoT traffic is often distinct from that of other Internet connected devices and as machine learning has proved promising for identifying malicious Internet traffic, they decided to use these facts to … More

Researchers use power lines to exfiltrate data from air-gapped computers

Researchers from the Ben-Gurion University of the Negev have come up with another way to exfiltrate data from air-gapped computers: this time, it’s via malware that can control the power consumption of the system. “Data is modulated, encoded, and transmitted on top of the current flow fluctuations, and then it is conducted and propagated through the power lines,” they pointed out. They call this malware PowerHammer. Data exfiltration via power lines They have devised two … More

Court rules to ban access to Telegram in Russia

It didn’t take long for judge Yuliya Smolina of the Tagansky District Court of Moscow to rule that the Telegram secure messaging service should be blocked on the whole territory of Russia. She made the decision in less than 20 minutes and expects it to be effected immediately. The Roskomnadzor – the Russian media and telecom regulator – said that it will start the procedure to block the service as soon as it received a … More

Protect and manage secure company files with Vera’s agentless solution

Vera is taking the next step to a truly agentless experience by giving customers the ability to edit, collaborate, and save changes to secure files without requiring any downloads whatsoever. This new browser-based editing experience makes it easy for enterprises to collaborate on all Office file types — notes, documents, presentations, and more — while preserving the company’s policy, security, and control, no matter where the file travels or who has access. Frictionless solution “One … More

Thousands of WP, Joomla and SquareSpace sites serving malicious updates

Thousands of compromised WordPress, Joomla and SquareSpace-based sites are actively pushing malware disguised as Firefox, Chrome and Flash Player updates onto visitors. This campaign has been going on since at least December 2017 and has been gaining steam. The malicious actors are injecting JavaScript that triggers the download requests into the content management systems’ JavaScript files or directly into the sites’ homepage. Keeping the effort on the down-low The malware peddlers are using a variety … More

One in 10 C-level execs say GDPR will cost them over $1 million

Companies are taking the new General Data Protection Regulation (GDPR) much more seriously than HIPAA and PCI: 99 percent are actively involved in the process to become GDPR-compliant, despite the cost and internal reorganization involved, a new survey that polled 300 C-level security executives has shown. About half (49 percent) are 75 percent of the way through the process, and another 37 percent are halfway there. What’s more, 71 percent of the pollees are confident … More

AMD users running Windows 10 get their Spectre fix

AMD has released new microcode updates for mitigating variant 2 of the Spectre attack and Microsoft has released an OS update with the mitigation to AMD users running Windows 10. As you might remember, AMD processors were found not to be vulnerable to Meltdown attacks, but they were affected by Spectre (both variants). Variant 1 necessitates application-level fixes and variant 2 (CVE-2017-5715) requires changes at the OS level. Microsoft fixes problem for Windows 10 users … More

2.5 billion crypto mining attempts detected in enterprise networks

The volume of cryptomining transactions has been steadily growing since Coinhive came out with its browser-based cryptomining service in September 2017. Some websites have embraced the option and are giving their visitors the choice between viewing ads or sharing their CPU power to mine cryptocoins. Unfortunately, malicious, covert hijackings of computer power are much more common, as the mining code can be secretly injected into compromised legitimate sites or even ads that are being served … More

What patches to prioritize following the April 2018 Patch Tuesday?

Patch Tuesday came and went and, as usual, Microsoft and Adobe have released patches/security updates for vulnerabilities affecting a wide variety of their products. Adobe’s patches This April 2018 Patch Tuesday Adobe addressed vulnerabilities in Adobe PhoneGap Push Plugin, Adobe Digital Editions, Adobe InDesign, Adobe Experience Manager, and Adobe Flash Player. Of these updates, the most important one is that for Adobe Flash Player. Not only is the product the most widely used of those … More

How security researchers deal with risks stemming from their activities

Broad and inconsistent interpretations of behind-the-times laws, new anti-infosec legislation, lawsuits and criminal prosecutions are having a chilling effect on security research. It’s difficult to quantify the effect, but Joseph Lorenzo Hall and Stan Adams of the US-based non-profit Center for Democracy & Technology have attempted to reveal the worries and choices of security researchers in the current climate by interviewing twenty of them. “We used a qualitative methods research design to understand … More

Emergency alert systems used across the US can be easily hijacked

A vulnerability affecting emergency alert systems supplied by ATI Systems, one of the leading suppliers of warning sirens in the USA, could be exploited remotely via radio frequencies to activate all the sirens and trigger false alarms. “We first found the vulnerability in San Francisco, and confirmed it in two other US locations including Sedgwick County, Wichita, Kansas,” Balint Seeber, Director of Threat Research at Bastille, told Help Net Security. “Although we have not visited … More

How to minimize healthcare supply chain threats

There are many reasons why healthcare institutions have poor cybersecurity: most resources go towards providing patient care and not enough is left for cybersecurity; not all hospitals have a dedicated cybersecurity team; cybersecurity policies and authentication procedures are difficult to implement due to many users who rotate within the hospital, and more. In a recent paper, though, Trend Micro researchers zeroed in on two particular risks these organizations are susceptible to and they don’t feel … More

Hackers leverage flaw in Cisco switches to hit Russian, Iranian networks

The proof-of-concept exploit code for a vulnerability affecting many Cisco switches has been leveraged by vigilante hackers to mess with networks and data-centers in Russia and Iran. Who has been hit? According to Kaspersky Lab researchers, after exploiting the flaw the attackers are able to run code that allows them to rewrite the Cisco IOS image on the switches and change the configuration file, leaving a message that reads “Do not mess with our elections.” … More

Russian government asks court to allow them to block Telegram

The Russian communications regulator’s fight to block the Telegram encrypted messaging service continues. Telegram (the company) has been fighting the Roskomnadzor – the Russian federal agency tasked with overseeing that the media, telecoms and other mass communications providers comply with existing laws and adequately protect the confidentiality of personal data being processed – every step of the way. First, they tried to skip on registering as an “organizer of dissemination of information,” which would force them … More

Delta and Sears suffer data breach, credit card information compromised

US-based Delta Air Lines and Sears Holdings, the owners of Sears and Kmart, have announced that the breach suffered by chatbot company [24]7.ai has resulted in the compromise of credit card information of its customers. According to a statement by [24]7.ai, which provides online support services to the two companies, the incident began on September 26 and was discovered and contained on October 12, 2017. Sears Holdings says that the incident involved unauthorized access to … More

Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise

A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out by Microsoft on Tuesday. “Administrators of enterprise antimalware deployments should ensure that their update management software is configured to automatically approve and distribute engine updates and new malware definitions. Enterprise administrators should also verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded, … More

ShiftLeft: Fully automated runtime security solution for cloud applications

When talking about data loss prevention, the first thing that comes to mind are solutions aimed at stopping users from moving sensitive documents/data out of a network. But there is a different type of data loss that app developers should be conscious of and worry about: cloud applications inadvertently sending critical data to unencrypted/public databases/services. Fuelled by the adoption of microservices and short software development cycles, this is the fastest growing problem in application security today. … More

Establishing covert communication channels by abusing GSM AT commands

Security research often starts as a hobby project, and Alfonso Muñoz’s and Jorge Cuadrado’s probe into mobile privacy is no exception. The duo, which is scheduled to reveal the results of their research at the Hack in the Box Conference in Amsterdam next week, ended up finding a way to establish covert communication channels over GSM by abusing GSM AT commands. The investigation The first step of their investigation was to build a DIY mobile phone, … More

Intel will not provide Spectre/Meltdown microcode updates for some processor families

Intel has decided not to provide microcode updates to plug Spectre and Meltdown vulnerabilities in a number of older processors. According to the last update (April 2, 2018) of the “Microcode Revision Guidance,” Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0 and E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale, Wolfdale Xeon, Yorkfield, and Yorkfield Xeon families of processors will not receive the updates. (Most of these “abandoned” CPUs are older products no longer in production.) … More

Critical vulnerability opens Cisco switches to remote attack

A critical vulnerability affecting many of Cisco’s networking devices could be exploited by unauthenticated, remote attackers to take over vulnerable devices or trigger a reload and crash. The company says that the vulnerability is not actively exploited in the wild, but as information about it and Proof-of-Concept code has now been published, network administrators would do well to install the released security updates as soon as possible. About the vulnerability (CVE-2018-0171) The flaw was discovered … More

Cloudflare launches privacy-protecting DNS service

If you’ve been offline during the weekend you might have missed Cloudflare announcing a new privacy-oriented consumer DNS service, hosted at the following IP addresses: 1.1.1.1 and 1.0.0.1. With this launch the US-based Internet services giant has joined the likes of Google and IBM Security, who also offer free DNS resolution services as an alternative to using ISPs’ DNS resolvers or locally installed DNS servers. The Cloudflare DNS Resolver Cloudflare says that their DNS service … More

How to close the security update gap

Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? According to the results of a recent survey by ACROS Security, those responsible for it are asking for – among other things – the capability to quickly un-apply patches if they cause problems, security and functional patches to be decoupled, want to have … More

Google to purge cryptomining extensions from Chrome Web Store

In a bid to prevent Chrome users’ computers being covertly used for cryptocurrency mining, Google will try to purge the Chrome Web Store of extensions that hijack machines’ CPU resources to do just that. Announced changes “Until now, Chrome Web Store policy has permitted cryptocurrency mining in extensions as long as it is the extension’s single purpose, and the user is adequately informed about the mining behavior,” Extensions Platform Product Manager James Wagner explained. “Unfortunately, … More

Hackers steal payment card data of 5 million Saks, Lord & Taylor customers

Hackers have apparently managed to compromise the cash register systems at Saks Fifth Avenue and Lord & Taylor stores in the US and Canada, and have stolen payment card data of some five million customers, a cybersecurity research firm has revealed on Sunday. What happened? “On March 28, 2018, a notorious hacking JokerStash syndicate, also known as Fin7 announced the latest breach of yet another major corporation, with more than five million stolen payment cards … More

Nation-state hackers are attacking our trust in critical systems

In the last few years, the lines between cyber criminals and nation-states have become increasingly blurry and it has become obvious that the private sector is not capable of handling cyber threats on its own, Chris Inglis, former deputy director of the National Security Agency, told the crowd at World Cyber Security Congress this week. The WannaCry and NotPetya attacks – generally attributed to North Korea and Russia – have shown that an organization doesn’t … More

Apple puts privacy information screens in users’ line of sight

Apple has released the latest round of updates for its various products. They come with the usual security fixes, but also a new feature aimed at informing users about what information Apple-made apps collect about them and how that information is used. The security fixes Apple has plugged a bucketload of vulnerabilities in WebKit, the layout engine software component for rendering web pages in Safari, most of which may lead to arbitrary code execution, as … More

Hacking intelligent buildings using KNX and Zigbee networks

A great many of us are living, staying or working in “smart” buildings, relying on automated processes to control things like heating, ventilation, air conditioning, lighting, security and other operation systems. We expect those systems to work without a glitch and withstand attacks but, unfortunately, the security of these systems is still far from perfect. A group of researchers from Tencent Security Platform is getting ready to demonstrate just how imperfect it is at the … More

Do you have what it takes to withstand modern DDoS attacks?

As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack traffic to their DDoS mitigation service. In the end, GitHub ended up completely unavailable for five minutes and intermittently unavailable for four. But while the effect of the attack could have been worse, GitHub’s engineering team aims to do better next time they are hit. Robert Hamilton, Director of … More

Netflix, Dropbox promise not to sue security researchers, with caveats

Netflix and Dropbox have both noted recently that they won’t sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the researchers must conduct the research in line with their vulnerability disclosure policy and bug bounty program guidelines. Dropbox Dropbox Head of Security Chris Evans announced on Wednesday that they’ve updated their vulnerability disclosure policy to clearly say that the company will “not initiate legal action for security research conducted … More

Atlanta government systems hit by ransomware

The city of Atlanta suffered a ransomware attack on Thursday, which resulted in outages of some of its customer-facing applications, including some that customers may use to pay bills or access court-related information. The city government alerted the public about the outages on Thursday morning via Twitter, but did not say at the time what their cause was. Later that day, Keisha Lance Bottoms, the city’s mayor, held a press conference during which … More

Flaws in ManageEngine apps open enterprise systems to compromise

Researchers have discovered multiple severe vulnerabilities in ManageEngine’s line of tools for internal IT support teams, which are used by over half of Fortune 500 companies. About the vulnerabilities The first flaw affects EventLog Analyzer 11.8 and Log360 5.3, and could be exploited to achieve remote code execution with the same privileges as the user that started the application, by uploading a web shell to be written to the web root. The rest of the … More
