Tenable Research Advisory: AXIS Camera App Malicious Package Distribution Weakness

Tenable Research Advisory: AXIS Camera App Malicious Package Distribution Weakness

/
Tenable Research recently audited an AXIS M3044-V network camera and learned that AXIS has introduced an application platform to their cameras. The camera even came with an app pre-installed: AXIS Video Motion Detection. During the audit, we discovered that it’s possible for a malicious actor to tamper with the firmware ... Read More
AMD Flaws Acknowledged

AMD Flaws Acknowledged

CTS-Labs published several AMD flaws over a week ago. For those of us who read vulnerability disclosures regularly, this particular disclosure was curious. Not only was the branded website bereft of any real technical details, but it also lacked any type of information about coordination with AMD. The disclosure also ... Read More
Zero Exposure Team Advisory: Micro Focus Operations Orchestration, Remote Denial-of-Service (DoS) Vulnerability

Zero Exposure Team Advisory: Micro Focus Operations Orchestration, Remote Denial-of-Service (DoS) Vulnerability

Tenable Research's Zero Exposure team just released an advisory for an information disclosure and denial-of-service vulnerability in Micro Focus Operations Orchestration software. This post provides further context around the discovered vulnerability. What do you need to know? Tenable Research's Zero Exposure team has discovered Information Disclosure and denial-of-service vulnerabilities in ... Read More
Identifying Empire HTTP Listeners

Identifying Empire HTTP Listeners

/
Empire is a popular open source post-exploitation framework. The framework can very roughly be broken down into two parts: agents and listeners. An agent is an implant that lives on the victim’s computer. A listener resides on the attacker’s command and control server and handles communication with the agent. A ... Read More