CVE-2018-15454 (Cisco SIP) Exploit Information
From October 2018, NCCIC analysts have observed network traffic indicating attempts, by unknown actors against multiple government agencies, to exploit a vulnerability [CVE-2018-15454] in the Session Initiation Protocol (SIP) inspection engine of Cisco ASA Software and Cisco FTD Software. [...] ... Read More
Amazon AWS GuardDuty
Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, AWS CloudTrail event logs, and DNS logs. [...] ... Read More
Amazon AWS Inspector
Amazon Inspector is an automated security assessment service that helps you test the network accessibility of your Amazon EC2 instances and the security state of your applications running on those instances. [...] ... Read More
Using Docker To Install OpenVAS On CentOS
An interesting post from Gerry Williams at gerrywilliams.net Description: Saw a post on r/sysadmin the other day with a walkthrough on using Docker for the first time. Thought I would take some notes: To Resolve: [...] ... Read More
OpenVAS image for Docker on Ubuntu
A Docker container for OpenVAS on Ubuntu. By default, the latest images includes the OpenVAS Base as well as the NVTs and Certs required to run OpenVAS [...] ... Read More
WP GDPR Compliance WordPress Plug-in Exploited
A WordPress plug-in known as the WP GDPR Compliance plug-in contains a dangerous privilege escalation vulnerability that attackers have been actively exploiting to compromise websites. [...] ... Read More
Video: General Data Protection Regulation (GDRP) – The law that lets Europeans take back their data from big tech companies
Tech companies' reign over users' personal data has run largely unchecked in the age of the internet. Europe is seeking to end that with a new law [...] ... Read More
Mitigating Buffer Overflow Attacks in Linux/Unix
A buffer overflow is the most common and the most serious threat to Linux/Unix operating systems. Buffer overflows occur when code running in unprotected memory in a buffer overwrites memory in an adjacent location. [...] ... Read More
Mac OS X Security Keychain
The keychain is a secure database store for passwords and certificates and is created for each user account on Mac OS X. The system software itself uses keychains for secure storage. [...] ... Read More
SSD Encryption from Crucial and Samsung is not secure Exposes Data
The researchers examined multiple SSDs, including Crucial and Samsung, some of which they found could be unlocked with any password if the password validation routine in RAM was modified through a standard JTAG debugging interface. [...] ... Read More
