September 2016

Blog > Friday Squid Blogging: Cannibal Squid The Gonatus squid eats its own kind. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Tags: squid Posted on September 30, 2016 at 4:14 PM • 0 Comments Subscribe to…

Read More

Full Disclosure mailing list archives Critical Vulnerability in Ubiquiti UniFi From: Tim Schughart <t.schughart () prosec-networks com> Date: Fri, 30 Sep 2016 11:49:26 +0200 (CEST) Hello @all, together with my colleague we found two uncritical vulnerabilities you’ll find below. Product: UniFi AP AC Lite Vendor: Ubiquiti Networks Inc. Internal reference:…

Read More

Blog > Friday Squid Blogging: Cannibal Squid The Gonatus squid eats its own kind. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Tags: squid Posted on September 30, 2016 at 4:14 PM • 0 Comments Subscribe to…

Read More

Full Disclosure mailing list archives Radioactive Mouse States the Obvious: Exploiting unencrypted and unauthenticated data communication of wireless mice From: Matthias Deeg <matthias.deeg () syss de> Date: Fri, 30 Sep 2016 21:15:55 +0200 tl;dr Today, SySS published a proof-of-concept video demonstrating a mouse spoofing attack resulting in remote code execution…

Read More

Full Disclosure mailing list archives [SYSS-2016-061] PERIDUO-710W – Insufficient Verification of Data Authenticity (CWE-345) From: Matthias Deeg <matthias.deeg () syss de> Date: Fri, 30 Sep 2016 11:32:44 +0200 —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512 Advisory ID: SYSS-2016-061 Product: PERIDUO-710W Manufacturer: Perixx Computer GmbH Affected Version(s): Part No. KG-1027 Tested Version(s):…

Read More

Full Disclosure mailing list archives CompTIA Security+ and its insecure support system From: <user09990 () tuta io> Date: Fri, 30 Sep 2016 19:02:20 +0200 (CEST) I was signed up CompTIA account with a fake name for a privacy reason. Later on, I wanted to update my name in CompTIA account…

Read More

Full Disclosure mailing list archives Multiple exposures in Sophos UTM From: Tim Schughart <t.schughart () prosec-networks com> Date: Fri, 30 Sep 2016 11:33:31 +0200 (CEST) Hello @all, together with my colleague we found two uncritical vulnerabilities you’ll find below. Product: Sophos UTM Vendor: Sophos ltd. Internal reference: ? (Bug ID)…

Read More

Full Disclosure mailing list archives [SYSS-2016-060] Logitech M520 – Insufficient Verification of Data Authenticity (CWE-345) From: Matthias Deeg <matthias.deeg () syss de> Date: Fri, 30 Sep 2016 11:31:04 +0200 —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512 Advisory ID: SYSS-2016-060 Product: M520 (Mouse of Wireless Combo MK520) Manufacturer: Logitech Affected Version(s): Model…

Read More