An open source library, libssh, announced a fix for a vulnerability today. I’ll let them explain:
libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials.
Good thing we use openssh in my company! I don’t have to monitor a bunch of software systems for security fixes and deployment–
$ nc github-enterprise.server 22
Splunk data models are a security professional’s best friend in terms of alerting, investigation, and audit. Splunk ES has an entire suite of baked-in correlation searches, but I want to talk about models a bit.
If you don’t know what Splunk is, hey, stop and go check out their free demo. I’ve never made a dime from Splunk as of this writing, but I like their software and wish Kibana were as functional for security purposes.
WPA3 certification has begun. I’m not sure there’s a lot to say about the current state of wireless security beyond keeping routers up to date and using nice long passwords.
I’ll briefly revisit the ez-mode version of the testing I’ve done in the past, but it’s pretty straightforward.
Adobe posted security bulletin APSB17-21 today, detailing a new exploit vector that potentially lets bad actors run code on your machine.
Just uninstall Flash. Most major content providers offer an HTML5 option and have for a while now.