HackDig : Dig high-quality web security articles

HackerOne insider fired for trying to claim other people’s bounties

The vulnerability disclosure platform HackerOne has revealed that one of their staff members had improperly accessed security reports for personal gain. The—now former—staff member approached HackerOne customers with vulnerabilities that belonged to users of the platform. HackerOne HackerOne acts as a mediator between white hat hackers that find sof
Publish At:2022-07-04 20:00 | Read:483 | Comments:0 | Tags:Reports bug bounty disclosure HackerOne insider threat rzlr

ManiMed: Ypsomed AG – mylife YpsoPump System Vulnerabilities

Manipulating Medical Devices The Federal Office for Information Security (BSI) aims to sensitize manufacturers and the public regarding security risks of networked medical devices in Germany. In response to the often fatal security reports and press releases of networked medical devices, the BSI initiated the project Manipulation of Medical Devices (ManiMed)
Publish At:2021-07-29 04:56 | Read:1827 | Comments:0 | Tags:Breaking disclosure medical pentest

ManiMed: Hamilton Medical AG – HAMILTON-T1 Ventilator Vulnerabilities

Manipulating Medical Devices The Federal Office for Information Security (BSI) aims to sensitize manufacturers and the public regarding security risks of networked medical devices in Germany. In response to the often fatal security reports and press releases of networked medical devices, the BSI initiated the project Manipulation of Medical Devices (ManiMed)
Publish At:2021-02-22 09:04 | Read:2159 | Comments:0 | Tags:Breaking disclosure medical pentest

ManiMed: B. Braun Melsungen AG – Space System Vulnerabilities

Manipulating Medical Devices The Federal Office for Information Security (BSI) aims to sensitize manufacturers and the public regarding security risks of networked medical devices in Germany. In response to the often fatal security reports and press releases of networked medical devices, the BSI initiated the project Manipulation of Medical Devices (ManiMed)
Publish At:2021-02-15 05:28 | Read:3148 | Comments:0 | Tags:Breaking disclosure medical pentest

ManiMed: Innokas Yhtymä Oy – VC150 Patient Monitor Vulnerabilities

Manipulating Medical Devices The Federal Office for Information Security (BSI) aims to sensitize manufacturers and the public regarding security risks of networked medical devices in Germany. In response to the often fatal security reports and press releases of networked medical devices, the BSI initiated the project Manipulation of Medical Devices (ManiMed)
Publish At:2021-02-01 03:12 | Read:2439 | Comments:0 | Tags:Breaking disclosure medical pentest

ManiMed: Philips Medizin Systeme Böblingen GmbH – IntelliVue System Vulnerabilities

Manipulating Medical Devices The Federal Office for Information Security (BSI) aims to sensitize manufacturers and the public regarding security risks of networked medical devices in Germany. In response to the often fatal security reports and press releases of networked medical devices, the BSI initiated the project Manipulation of Medical Devices (ManiMed)
Publish At:2021-01-25 06:22 | Read:2585 | Comments:0 | Tags:Breaking disclosure medical pentest

Root Cause Analysis of a Heap-Based Buffer Overflow in GNU Readline

In the last blog post, we discussed how fuzzers determine the uniqueness of a crash. In this blog post, we discuss how we can manually triage a crash and determine the root cause. As an example, we use a heap-based buffer overflow I found in GNU readline 8.1 rc2, which has been fixed in the newest release. We use GDB and rr for time-travel debugging to deter
Publish At:2020-12-17 06:22 | Read:2630 | Comments:0 | Tags:Breaking Misc disclosure fuzzing

VMware NSX-T MITM Vulnerability (CVE-2020-3993)

NSX-T is a Software-Defined-Networking (SDN) solution of VMware which, as its basic functionality, supports spanning logical networks across VMs on distributed ESXi and KVM hypervisors. The central controller of the SDN is the NSX-T Manager Cluster which is responsible for deploying the network configurations to the hypervisor hosts. This summer, I looked in
Publish At:2020-11-26 07:16 | Read:2309 | Comments:0 | Tags:Breaking CVE-2020-3993 disclosure NSX-T VMware vulnerability

Vulnerabilities in GNU Readline Fixed

Recently I discovered some vulnerabilities in GNU Readline. These bugs have been fixed in GNU Readline version 8.1. The case of identifying the vulnerabilities was rather interesting. I wanted to fuzz another program and wrote a quick harness to test if my setup works. This test harness used GNU Readline to read input from stdin and passed the data along to
Publish At:2020-10-07 06:27 | Read:2278 | Comments:0 | Tags:Breaking disclosure fuzzing

Unauthenticated File upload Vulnerability on Synology Sub-domain

In this post, you will learn about how I could find the unauthenticated file upload vulnerability in Synology and, according to Synology’s highest amount for website security bounty. Start Point to be noted, before I found this bug, I had also found a bug in their hardware device, which I’ll release soon. During performing the hardware devi
Publish At:2020-09-30 11:15 | Read:2215 | Comments:0 | Tags:Disclosure Synology Security Synology vulneerability Unauthe

ERNW White Paper 69 – Safety Impact of Vulnerabilities in Insulin Pumps

With this blog post I am pleased to announce the publication of a new ERNW White Paper [1]. The paper is about severe vulnerabilities in an insulin pump we assessed during project ManiMed and we are proud to publish this subset of the results today. Manipulating Medical Devices The German Federal Office for Information Security (BSI), in its role as the Fed
Publish At:2020-09-11 09:06 | Read:2432 | Comments:0 | Tags:Breaking disclosure ERNW white paper medical

Medical Device Security: HL7v2 Injections in Patient Monitors

Digital networking is already widespread in many areas of life. In the healthcare industry, a clear trend towards networked devices is noticeable, so that the number of high-tech medical devices in hospitals is steadily increasing. In this blog post, we want to elucidate a vulnerability we identified during the security assessment of a patient monitor. The d
Publish At:2020-05-03 08:57 | Read:3286 | Comments:0 | Tags:Breaking disclosure medical

Jenkins – Groovy Sandbox breakout (SECURITY-1538 / CVE-2019-10393, CVE-2019-10394, CVE-2019-10399, CVE-2019-10400)

Recently, I discovered a sandbox breakout in the Groovy Sandbox used by the Jenkins script-security Plugin in their Pipeline Plugin for build scripts. We responsibly disclosed this vulnerability and in the current version of Jenkins it has been fixed and the according Jenkins Security Advisory 2019-09-12 has been published. In this blogpost I want to report
Publish At:2019-09-20 12:15 | Read:3028 | Comments:0 | Tags:Breaking advisory Break Out disclosure vulnerability

DameWare Vulnerability

In course of a recent research project, I had a look at SolarWinds DameWare, which is a commercial Remote Access Software product running on Windows Server. I identified a remote file download vulnerability in the download function for the client software that can be exploited remotely and unauthenticated and that allows to download arbitrary files from the
Publish At:2016-10-06 15:45 | Read:8791 | Comments:0 | Tags:Insecurity Security DameWare Disclosure SolarWinds Vulnerabi

Ruckus Raucous: Finding Security Flaws in Enterprise-Class Hardware

Wireless routers designed for consumers often do not employ proper security practices. This topic was extensively covered in VERT’s 2014 report, “SOHO Wireless Router (In)security.” Our research revealed that 74% of the 50 top-selling consumer routers on Amazon shipped with security vulnerabilities, including 20 different models where the latest firmware from
Publish At:2016-08-03 13:00 | Read:18140 | Comments:0 | Tags:Featured Articles Security Awareness Vulnerability Managemen
