A story about looking at the effectiveness of web application firewalls and finding bypasses for the filter ruleset. https://www.pentagrid.ch/en/blog/airlock-web-application-firewall-ruleset-testing-and-waf-bypasses/ #WAF #OWASP #coreruleset #ergon #airlock

Pentagrid published two #Hackvertor tags for #EAN13 (also Swiss AHV numbers) and #TOTP for #2FA. These tags are available via the Hackvertor Tag Store by @garethheyes. Our blog post explains what these tags do and how they can be used. https://www.pentagrid.ch/en/blog/hackervertor-ean13-and-totp-tags-for-web-application-penetration-testing-with-burp/ #pentest #OWASP

Pentagrid is looking for an IT security analyst (d/f/m) in Buchs SG, Switzerland. https://www.pentagrid.ch/en/pages/career/ #FediHire #infosec

Today, our certificate transparency monitoring popped up with an InvalidSignature exception, because we didn't add the recent Let's Encrypt intermediate CAs as monitoring trust anchors. We updated the documentation accordingly, but it is good to see it working. If you want to monitor your certificates, you may run your own instance. https://github.com/pentagridsec/check-transparency-logs

If you want to protect your IT #infrastructure against #MITM attacks where an attacker bypasses domain verification to obtain valid certificates, you may want to use #CAA and #accountURI binding, which is easy to set up. https://www.pentagrid.ch/en/blog/domain-verification-bypass-prevention-caa-accounturi/ #hardening

Our colleague Michael will be speaking about #Unify #OpenScape and #OpenStage #VoIP phones at the #Area41 security conference in Zurich on June 6. If you use these VoIP systems, we recommend coming to the talk.

It happened again. We accidentally broke another #hotel check-in #terminal. This time Mr O'Yolo triggered a problem, crashed the #Ariane Allegro Scenario Player and escaped the #kiosk mode, which enabled access to the Windows Desktop: https://www.pentagrid.ch/en/blog/ariane-allegro-hotel-check-in-terminal-kios-escape/ #itsecurity #infosec

This is not a late April Fool's joke: After #37C3, we accidentally dumped the keypad codes of almost half of an IBIS hotel's rooms by entering some dashes into a check-in terminal: https://www.pentagrid.ch/en/blog/ibis-hotel-check-in-terminal-keypad-code-leakage/ #itsecurity #infosec #ibis #accor #terminal #hotel

#SQLinjection in login dialog of web-based #YABOOK harbour administration allows authentication bypass
https://www.pentagrid.ch/en/blog/sql-injection-in-port-administration-software-yabook/
#pentest #sailing #hafenverwaltung #imonaboat

Multiple vulnerabilities in Lantronix EDS-MD IoT gateway for medical devices: https://www.pentagrid.ch/en/blog/multiple-vulnerabilties-in-lantronix-eds-md-iot-gateway/ #itsecurity #infosec #pentesting #lantronix #iot #medical

Multiple vulnerabilities affecting #Atos #Unify IP Devices - the vendor published OBSO-2312-01: https://networks.unify.com/security/advisories/OBSO-2312-01.pdf

♫ Ground control to Major Tom, take the patch and put secure mode on. ♫ https://github.com/pentagridsec/openstage-exploit-chain #openstage #openscape #unify

RCE and LPE in a wide range of Mitel Unify #OpenStage and #OpenScape VoIP phones with default config: https://www.pentagrid.ch/en/blog/rce-and-local-root-in-openstage-and-openscape-phones/ #itsecurity #infosec #pentesting #voip #unify

Summer is clearly over and silly season, too. We saw neither alligators in the swimming lake nor lions in town, but a a snake curling through the infrastructure. It was a #python. A few email-related Python libraries do not check server certificates. It is nothing new, but still a bit surprising in 2023 and not everyone got the memo.

https://www.pentagrid.ch/en/blog/python-mail-libraries-certificate-verification/
#itsecurity #infosec #pentesting #python #email #bugbounty

I think a 9.0 for CVS-2023-42629 is a bit overrated, because of PR:L, but anyway Liferay publishes an advisory for this: https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-42629

The #Liferay Portal software < 7.4.3.88 respectively < 7.4.3.92 is affected by persistent cross-site-scripting vulnerabilities. https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/ #itsecurity #infosec #pentesting

Wir haben ein Werkzeug in Python geschrieben, dass Dateiarchive wie zip, tar und cpio generiert welche Path Traversal Angriffe beinhalten: https://www.pentagrid.ch/de/blog/archive-pwn-tool-release/ #itsicherheit #informationssicherheit #pentesting

We wrote a tool in Python to create file archives such as zip, tar and cpio that include path traversal attacks: https://www.pentagrid.ch/en/blog/archive-pwn-tool-release/ #itsecurity #infosec #pentesting

We analysed the security of a #WindRiver #VxWorks (the operating system running also on NASA's Curiosity mars rover) embedded device and found a critical vulnerability in the #tarExtract function: https://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability/ #itsecurity #infosec #pentesting #cisa #vxworks

Wir haben uns das Liechtensteiner #Gesundheitsdossier und die zugrunde liegende Portal-Software #Liferay angeschaut. Im Ergebnis haben wir Verwundbarkeiten in Liferay gefunden und Schwächen im IT-Setup: https://www.pentagrid.ch/de/blog/it-sicherheit-beim-elektronischen-gesundheitsdossier-im-fuerstentum-liechtenstein/ #itsicherheit #informationssicherheit #eHealth #eGD