It’s October bringing fall weather, pumpkin spiced lattes and a month dedicated to cybersecurity awareness.
CyberOne Security Team
This article was written by members of the CyberOne Security Team, drawing on decades of combined experience in cloud and network security, penetration testing, threat intelligence, and advisory services.
Exploiting Kaseya Unitrends Backup Appliance – Part 2
This is the second installment of the Exploiting Unitrends series and will focus on several critical unauthenticated SQL Injection vulnerabilities leading to remote code execution.
Exploiting Kaseya Unitrends Backup Appliance – Part 1
Multiple vulnerabilities were discovered in the Unitrends Backup appliance and client software. An attacker with network access to the management interface or backup ports on the client or server could be exploited to compromise the machine. Both suffer from critical remote code execution vulnerabilities.
CyberOne Announces Strategic Plans for National Expansion
Plano, TX – November 16, 2021 — CyberOne, a trusted cybersecurity advisory and solutions leader, announced today its plans to spin off from the CRITICALSTART brand as an independent company.
How To Reverse Engineer the SolarWinds Hack
When it comes to security incidents involving malware, most of us rely on the information provided by the investigating firm to understand what the malware does, why it does it, and how to find it in our own environment. However, if you are interested in more in-depth details like us, you also want to know […]
Death to Vulnerability Management As We Know It
Vulnerability Management concepts are changing. The idea that vulnerability management is limited to scanning alone is being replaced with a wider and more comprehensive view. It’s now transforming to a concept called vulnerability identification, which is an umbrella for any type of service or activity centered around identifying vulnerabilities. This can include scanning and penetration […]
Multiple Vulnerabilities Discovered in Aviatrix
Versions Tested: Aviatrix Cloud Controller UserConnect-5.3.1516 Aviatrix VPN Client 2.8.2 Product: https://aviatrix.com/cloud-network-platform/ Security Advisories: https://docs.aviatrix.com/HowTos/security_bulletin_article.html Summary: CyberOne discovered multiple vulnerabilities in the Aviatrix Cloud Controller appliance v5.3.1516 and Aviatrix VPN client v2.8.2 for Linux, macOS, and Windows and would like to thank the Aviatrix security team for partnering with us to get the issues resolved. The Aviatrix security […]
Local Privilege Escalation Vulnerability Discovered in VMware Fusion
Summary: VMware Fusion contains a local privilege escalation vulnerability that allows an attacker to inject a malicious path into the system-wide PATH environment variable. Versions Tested: VMware Fusion Professional v15.5.5 Product: https://www.vmware.com/products/fusion.html Security Advisories: https://www.vmware.com/security/advisories/VMSA-2020-0020.html CVE Number: CVE-2020-3980 CVSS Score: 6.7 CWE: CWE-269: Improper Privilege Management Vulnerability Details During a startup, VMware Fusion updates the […]
Electronic Voting: 3 Ways to Strengthen Election Security
It is no secret that wildly different political views aside, the threat of foreign and even domestic interference in the 2020 U.S. presidential elections is dominating our politics in advance of November. At its core, the subject of election security comes down to one key question: How secure is your vote? The Current State of […]
F5 BIG-IP Remote Code Execution Exploit – CVE-2020-5902
When CyberOne began research into the vulnerability identified in the F5 TMUI RCE vulnerability advisory, we initially started by reading the advisory and mitigation steps, which contained minimal details but included key pieces of information needed to kick off our research. The advisory states that the vulnerability impacts a variety of capabilities when exploited, including the ability […]