Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

Source: National Cyber Security – Produced By Gregory Evans


If you’re using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you.

A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow unauthenticated remote attackers to compromise targeted servers.

Written in native PHP, rConfig is a free, open source network device configuration management utility that allows network engineers to configure and take frequent configuration snapshots of their network devices.

According to the project website, rConfig is used to manage more than 3.3 million network devices, including switches, routers, firewalls, load balancers and WAN optimizers.

What’s more worrisome? Both vulnerabilities affect all versions of rConfig, including the latest rConfig version 3.9.2, with no security patch available at the time of writing.

Discovered by Mohammad Askar, each flaw resides in a separate file of rConfig: one, tracked as CVE-2019-16662, can be exploited remotely without any prior authentication, while the other, tracked as CVE-2019-16663, requires authentication before it can be exploited.

  • Unauthenticated RCE (CVE-2019-16662) in ajaxServerSettingsChk.php
  • Authenticated RCE (CVE-2019-16663) in search.crud.php

In both cases, to exploit the flaw, all an attacker needs to do is access the vulnerable files with a malformed GET parameter designed to execute malicious OS commands on the targeted server.


As shown in the screenshots shared by the researcher, the PoC exploits give attackers a remote shell on the victim’s server, enabling them to run arbitrary commands on the compromised server with the same privileges as the web application.

Meanwhile, another independent security researcher analysed the flaws and discovered that the second RCE vulnerability could also be exploited without requiring authentication in rConfig versions prior to version 3.6.0.

“After reviewing rConfig’s source code, however, I found out that not only does rConfig 3.9.2 have those vulnerabilities, but all versions of it do. Furthermore, CVE-2019-16663, the post-auth RCE, can be exploited without authentication for all versions before rConfig 3.6.0,” said the researcher, who goes by the online alias Sudoka.

Askar responsibly reported both vulnerabilities to the rConfig project maintainers almost a month ago and recently decided to release the details and PoC publicly after the maintainers failed to acknowledge or respond to his findings.

If you are using rConfig, it is recommended that you temporarily remove it from your server until security patches are available.


The post Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig appeared first on National Cyber Security.


#cybersecurity | Cyber Security Today – Stalkerware and ransomware increasing, password advice and updates to watch for


Stalkerware and ransomware increasing, password advice and updates to watch for.

Welcome to Cyber Security Today. It’s Friday October 4th, I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

A few months ago I warned about stalkerware, which are apps installed on a smartphone or tablet that let another person keep an eye on what you’re doing. Usually this app gets installed when you’re not looking by a spouse, lover or friend who has access to your device. This is not a parental control app a parent installs on a child’s device. This is an illegal snooping app. This week security vendor Kaspersky put out some numbers that may give an idea of how common their use is, based on the number of detections from its security software. In the first eight months of the year there were more than 518,000 cases where the software either registered the presence of stalkerware on users’ devices or detected an attempt to install it. And remember, that number is only for devices that use Kaspersky software. Huge numbers of people either don’t use antivirus software on their mobile devices, or use another brand. Some of these apps hide themselves on devices, so victims don’t know it’s there. Stalkerware has to be installed directly by someone. So think twice before letting a friend, or someone closer, use your phone.

As I mentioned on Wednesday, this is Cyber Security Awareness Month. As part of that Google released a public opinion poll that, if representative, shows a lot of Americans aren’t cyber aware. Twenty-four per cent of respondents said they use weak passwords like “admin” and “1234.” Fifty-nine per cent have used a name or birthday in an online password. Many people must know others use weak passwords because 27 per cent of respondents say they’ve tried to guess someone else’s password, and of those 17 per cent said they guessed right. Well, if you can guess right, so can criminals. Look, it isn’t easy to have to remember lots of passwords. That’s why there are password managers. Google has one it just improved, which is why it released the survey. There are lots of password managers. Go online, do a search, use one of them.

The FBI this week issued a reminder to organizations that ransomware is crippling those who aren’t prepared. The latest hit were three rural hospitals in the same group in Alabama. For a time new patients had to be sent to Birmingham. Last week a major hospital in downtown Toronto was hit. The FBI urges organizations to regularly back up their data and verify its integrity. Ensure backups can’t be infected by being connected to live networks. Focus on employee awareness and training to recognize suspicious email. And make sure all software gets security patches as soon as they are available.

Finally, some product updates to watch for: If you use WhatsApp on an Android device running version 9 or 8 of the operating system, make sure you upgrade to the latest version of WhatsApp. There’s a serious bug that could let a hacker into your device by sending you a repeating video called a GIF. Like one of those videos of a cat doing something silly.

And Microsoft has put out another Windows update to fix a printing problem. This patch is to fix ones that were issued over a week ago. It also updates Internet Explorer.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.


The post #cybersecurity | Cyber Security Today – Stalkerware and ransomware increasing, password advice and updates to watch for appeared first on National Cyber Security.


Cyber Security Watch Position/Security Engineer


Job Description

Edgewater Federal Solutions is a small business providing Information Technology (IT) consulting services to the Federal government. Founded in 2002, Edgewater is headquartered a few miles south of Frederick, Maryland (near Urbana, MD). Edgewater’s core services are Program Management Support, Business Process Engineering, Cyber Security, and Enterprise Systems Engineering and Operations. Edgewater is currently seeking a Cyber Security Watch Position/Security Engineer to provide support to the DOE IN office located in Washington, D.C.

Responsibilities/Duties include:

  • Serve as the Cybersecurity Watch Analyst responsible for analyzing information collected from a variety of sources to identify, analyze, and report on events in order to protect information systems and networks from threats.
  • Perform technical security activities, including:
    • Characterize and analyze security events to identify anomalous activity and potential threats to systems
    • Analyze identified malicious activity to determine exploitation methods and impacts
    • Triage intrusions, malware, and other cybersecurity threats
    • Document, track and escalate cybersecurity incidents
  • Comment on new ODNI/NIST standards and regulations as they apply to the client environment.
  • Employ best practices when implementing security requirements within an information system.
  • Participate in the IC Community Shared Resources Working Group.
  • May serve as a technical team or task leader.
  • Maintain current knowledge of relevant technology as assigned.
  • Respond to cyber incidents as defined in the DOE-IN Incident Response plan and local SOP.
  • Participate in special projects as required.

Required Skills:

  • 12 years of cyber security experience with a Bachelor’s Degree in a technical field.
  • CISSP or another security certification is desired.
  • Knowledge of common adversary tactics, techniques, and procedures.
  • Experience working in a SIEM, interpreting IDS alerts, and deriving context from event logs.
  • Knowledge of the IC and audit collection policies.
  • Effective interpersonal and presentation skills, as the position is client-facing.
  • Ability to communicate in written and oral form. Publication or presentation experience is a plus.
  • Experience reporting IT security events/incidents within the time prescribed by policies and procedures.
  • Proactive self-starter.
  • Requires little to no immediate supervision or day-to-day tasking.
  • Excellent decision-making skills.
  • Flexibility and willingness to support shift work if needed.
  • Excellent ability to collaborate as part of a team and excellent interpersonal skills.
  • Excellent oral and written communication skills and the ability to interact with senior levels of management.

Preferred To Have/Desired Skills:

  • Experience supporting the Intelligence Community (IC)
  • Experience analyzing host-based security events and indicators
  • Experience analyzing network-based security events and indicators
  • Experience working in a SOC and supporting incident response
  • Experience supporting the Joint Worldwide Intelligence Communications System (JWICS)
  • Knowledge of cloud architecture
  • Knowledge of virtualization capabilities

It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, and/or other status protected by applicable law.

The post Cyber Security Watch Position/Security Engineer appeared first on National Cyber Security Ventures.


Stay safe online this summer, watch out for fake WiFi networks


Better Business Bureau warns if you are traveling this summer and taking advantage of free WiFi, double check before connecting your device. Scammers use fake WiFi hotspots to steal personal information or gain access to your device. “Say you’re at a coffee shop, airport, hotel lobby, or other public place,…

The post Stay safe online this summer, watch out for fake WiFi networks appeared first on National Cyber Security Ventures.


Psychology of scams: The emotional traps to watch out for

Criminals are using age-old techniques to manipulate the way we think and act, leaving us vulnerable to scams. IDCARE counsellor Suli Malet-Warden explains the psychological games that scammers play to entrap their victims.

The romance scam: During the grooming stage, the criminal works on eliciting a high level of trust to manipulate the victim into what the criminal terms the ‘ether state’. This state is characterised by high oxytocin levels, which are increased through ‘love bombing’: validating the victim, telling him or her how wonderful they are, sending love notes and love poems through the day and relentlessly, emotionally bombarding them with ‘love vibes’.

The post Psychology of scams: The emotional traps to watch out for appeared first on Dating Scams 101.


PSNI warns people to watch out for scams when online dating as UK loses £39m in 2016


The Police Service of Northern Ireland is encouraging people to be on the lookout for scammers who want to take advantage of those who may be looking for love or companionship this Valentine’s Day.

The post PSNI warns people to watch out for scams when online dating as UK loses £39m in 2016 appeared first on National Cyber Security Ventures.


Stop Everything And Watch This Baby Running Off With A Recording Phone

It’s one thing to have your cell phone stolen; it’s another to have it done by a laughing baby.

An endearing YouTube video captured a wobbly-legged bandit leading a frantic, giggle-filled chase while running through a home with the recording phone pointed at the baby’s hysterical face.

At one point the baby stumbles and nearly loses the prized possession before getting back up with a smile and taking off again. Trailing close behind is the baby’s presumed mom who can’t help but laugh along.


The post Stop Everything And Watch This Baby Running Off With A Recording Phone appeared first on Parent Security Online.


Analyst (Watch Analyst)


Job Description
Halfaker and Associates, an award-winning, high-growth small business, creates innovative and practical technology solutions in the areas of Advanced Analytics, Software Engineering, IT Infrastructure and Cyber Security to help government organizations perform their critical missions. Our

The post Analyst (Watch Analyst) appeared first on National Cyber Security Ventures.


Resource Watch: National Novel Writing Month Has a New Website for Educators – Teaching Now – Education Week Teacher

NaNoWriMo’s Young Writers Program has a beta version of a new website for teachers and students, complete with a variety of new educational resources.


The post Resource Watch: National Novel Writing Month Has a New Website for Educators – Teaching Now – Education Week Teacher appeared first on Parent Security Online.


Watch: Child Trauma Survivors Reunite With the Adults Who Made a Difference – Rules for Engagement – Education Week

An emotional video campaign illustrates the ways meaningful adult relationships can counter the effects of childhood trauma on the brain.


The post Watch: Child Trauma Survivors Reunite With the Adults Who Made a Difference – Rules for Engagement – Education Week appeared first on Parent Security Online.
