How To Reverse Engineer the SolarWinds Hack
While there is a lot more functionality to this malware, we hope this basic reverse engineering overview and examples can help you get started reversing the binaries. These techniques are not unique to this sample and can be used with other malware. [...] Read More... The post How To Reverse ... Read More
Multiple Vulnerabilities Discovered in Aviatrix
Versions Tested: Aviatrix Cloud Controller UserConnect-5.3.1516 Aviatrix VPN Client 2.8.2 Product: https://aviatrix.com/cloud-network-platform/ Security Advisories: https://docs.aviatrix.com/HowTos/security_bulletin_article.html Summary: CRITICALSTART‘s TEAMARES recently discovered multiple vulnerabilities in the Aviatrix Cloud Controller appliance v5.3.1516 and Aviatrix VPN client v2.8.2 for Linux, macOS, and Windows. TEAMARES would like to thank the Aviatrix security team for ... Read More
Local Privilege Escalation Vulnerability Discovered in VMware Fusion
VMware Fusion contains a local privilege escalation vulnerability that allows an attacker to inject a malicious path into the system-wide PATH environment variable. [...] Read More... The post Local Privilege Escalation Vulnerability Discovered in VMware Fusion appeared first on Critical Start ... Read More
Electronic Voting: 3 Ways to Strengthen Election Security
Electronic voting is the future - but our security processes are stuck in the past. In this post, we discuss 3 measures to ensure the integrity of all votes cast. [...] Read More... The post Electronic Voting: 3 Ways to Strengthen Election Security appeared first on Critical Start ... Read More
Exploiting Enterprise Passwords
No matter how much you think you’ve done to safeguard your data and systems against breaches, common vulnerabilities continue to wreak havoc on enterprises. The top of the list of these vulnerabilities is weak passwords. According to a 2019 Verizon Data Breach Investigations Report (DBIR), 80% of hacking-related breaches involved compromised ... Read More
Attorney-Client Privilege and Cybersecurity: What’s Changed and How to Adapt
Learn how a recent court decision has impacted attorney-client privilege for existing incident response contracts - and what this means for your business. [...] Read More... The post Attorney-Client Privilege and Cybersecurity: What’s Changed and How to Adapt appeared first on Critical Start ... Read More
