COVID-19 Contact Tracing Methods Compared: Examining Privacy & Security Implications

Discussions about contact tracing have been ongoing since February 2020, when some experts began looking ahead at how to move through the global COVID-19 pandemic. What Is Contact Tracing? Contact tracing essentially comprises identifying those who have been infected with COVID-19 and notifying as many people as possible who have been in close contact with […]

CRITICALSTART’s TEAMARES a Top Contributor to Folding@home in Global Fight Against COVID-19

In times like these, we all could use some good news and CRITICALSTART’s TEAMARES is excited to share some: we just reached top contributor status in our participation in Folding@home’s fight against COVID-19! As of this week, we are now in the top 0.3% of all team contributors. It would not be possible without the […]

Free MOBILESOC and Endpoint Protection for Remote Security Teams until June 15 

Like many other organizations, we have deliberated on how CRITICALSTART can contribute to the safety and well-being of the broader community, not just our customers and employees. A tremendous number of people have suffered job losses during this crisis, so one of our first announcements was that the company would not be cutting any headcount and that we would allow every employee up […]

Hard-Coded Administrator Password Discovered in OpsRamp Gateway

Version Tested: 3.0.0 Product: https://www.opsramp.com/ CVE Numbers: CVE-2020-11543 CVSS Score: 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CWE: CWE-798: Use of Hard-coded Credentials OWASP: https://owasp.org/www-community/vulnerabilities/Use_of_hard-coded_password Summary: During a recent penetration test, CRITICALSTART’s TEAMARES researchers discovered that OpsRamp Gateway has an administrative account named vadmin that allows root SSH access to the server. This account was unknown to clients […]

Vulnerabilities Discovered in CIPAce Enterprise Platform

Versions Tested: CIPAce Version < 6.80 Build 2016031401 CIPAce Version < 9.1 Build 2019092801 Product: https://www.cipplanner.com/Products/CIPAce/Pages/CPMPlatform.aspx Security Advisories: N/A CVE Numbers: CVE-2020-11586 CVE-2020-11587 CVE-2020-11588 CVE-2020-11589 CVE-2020-11590 CVE-2020-11591 CVE-2020-11592 CVE-2020-11593 CVE-2020-11594 CVE-2020-11595 CVE-2020-11596 CVE-2020-11597 CVE-2020-11598 CVE-2020-11599 CRITICALSTART’s TEAMARES researchers have released a steady cadence of advice regarding the importance of testing your systems regularly for […]

Telesploit: Open-Source Remote Vulnerability Assessment & Penetration Testing

Due to current events, your organization is more than likely experiencing disruption resulting from a rush to implement remote work policies, social distancing, and other unexpected changes to business as usual. And if you’re like many organizations, chances are you did not have remote work contingency plans in place and may be scrambling to find […]

Authentication Bypass Vulnerability Discovered in Infinias eIDC32 WebServer

Versions Tested: Web Revision: 1.107, Board: 3.001, Firmware: 2.213 Product: https://www.3xlogic.com/products/access-control/infinias-ethernet-enabled-integrated-door-controller-eidc Security Advisories: N/A CVE Numbers: CVE-2020-11542 CVSS Score: N/A CWE: CWE-305: Authentication Bypass by Primary Weakness NIST: IA-4: Identifier Management OWASP: A2: Broken Authentication With access to a system’s control interface, a malicious actor can unlock controls remotely, allowing them to gain physical […]

CRITICALSTART’s TEAMARES Research Is Aiding Global Fight Against COVID-19

What does a computer virus have in common with the Coronavirus (COVID-19)? Plenty, believe it or not, as technology can be used to help solve both. The TEAMARES research team has found that our hash cracker Cthulhu can be used to run computer simulations that mimic the same complex protein folding that occurs in viruses. […]

Regex Revelry

Regular Expressions (Regex) are used to identify strings that defy simple search terms, which infosec and technology professionals use for things like input validation, searching and scripting. Unfortunately, the syntax can be intimidating and the learning curve steep for beginners. Throw in a handful of different flavors and the confusion grows. While it can be […]

Vulnerabilities Discovered in Tiff Server from AquaForest

Versions Tested: Tiff Server 4.0 Product: https://www.aquaforest.com/en/tiffserver.asp Security Advisories: N/A CVE Numbers: CVE-2020-9323 CVE-2020-9324 CVE-2020-9325 CVSS Score: Unauthenticated File and Directory Enumeration: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:W/RC:C Unauthenticated Arbitrary File Download: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C Unauthenticated SMB Hash Capture via UNC: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C CWE: Unauthenticated File and Directory Enumeration: CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) Unauthenticated Arbitrary […]

State Legislation May Drive Federal Security Compliance Regulations in 2020

State governments are taking the lead in developing cybersecurity regulations as cyberattacks and data breaches continue to skyrocket. There’s a huge need for privacy regulations in the U.S. as the federal government has been deficient in adopting regulations. To help drive home the need for cybersecurity policies, states are attempting to push forward some type […]

Vulnerability Focus: Exploits Impacting Organizations

No matter how much you think you’ve done to protect your data and systems, common vulnerabilities continue to wreak havoc on enterprises. Cyberattacks are already increasing due to global events, meaning it’s more important than ever to identify and secure vulnerabilities. The following are some vulnerability trends the TEAMARES team is seeing – and what […]

SOAR And MDR: Finding The Best Fit To Augment Security

The well-documented shortage of experienced cybersecurity practitioners is hindering organizations’ ability to achieve an acceptable risk level. To control expenses and employee turnover due to the shortage, many organizations look to augment security teams with security orchestration automation and response (SOAR) platforms and managed detection and response (MDR) services. (Full disclosure: My company offers the latter.) While differences […]

4 Key Steps to Protect Your Organization Against Increased Cyber Threats

In today’s cyber threat landscape, it’s not just the military-industrial and defense industries that have a legitimate reason to be concerned about cyber terrorism and state-sponsored cyberattacks. Attacks from state-sponsored sources have significantly increased over the past few years. If you examine the report from the Center for Strategic & International Studies Significant Incidents Summary, […]

The First Channel-Only MDR

When CRITICALSTART first opened for business in 2012, we pursued a service-led product resell business to ensure we were adding value rather than simply pushing product. Serving as a trusted advisor to our customers, we encountered various approaches to the channel, whether direct, channel-friendly, or channel-only. Our experience in assessing the best approaches for our […]

Retailers: Don’t Let Black Friday Cyberattacks Darken Holiday Shopping

Valentine’s Day, Mother’s Day, Independence Day, Back-to-School, and Halloween are days in which retailers reap huge profits. Yet nothing compares to the most wonderful time of the year: Thanksgiving Day to Cyber Monday. In a recent survey by the National Retail Federation (NRF), consumers say they will spend an average of $1,047.83 this holiday season, […]

Reducing Vulnerabilities: Addressing Orphaned Systems and Weak Passwords

Luckily, it was only a test. During penetration testing for two international companies, our team found numerous vulnerabilities. In both cases we had total control over all systems within the clients’ network and could easily shut them down, siphon data from critical customer-facing systems, take over PCI assets, and more. If we were the bad […]

Cybersecurity 101: What to Look for in a Partner

The key to effective cybersecurity is to quickly stop an attack before it becomes a breach. Leveraging the right tools and working with the right partner is critical in stopping breaches and securing your digital profile. However, to understand what to look for, it’s important to have complete visibility into your environment. Today, most organizations […]

Research Report: The Impact of Security Alert Overload

CRITICALSTART conducted a survey of more than 50 Security Operations Center (SOC) professionals across enterprises, Managed Security Services Providers (MSSP) and Managed Detection & Response (MDR) providers to evaluate the state of incident response within SOCs. The survey was fielded Q2 2019. The report and analysis are based on the responses received from this sample […]

SECURITY TOOLS

THREAT ANALYTICS Search CHROME Extension Current Version 4.0.4 – Updated on 8/26/2019 to include the capability to base64 encode the selection prior to its use. This expands the types of websites and services this extension can be used for. Version 4.0 – Updated on 5/7/2015 to add support for the 3rd group and the […]

Cybercriminals Going after K-12? Yep, It’s a Thing.

Louisiana Governor John Bel Edwards has issued a state of emergency due to a malware attack against several local schools in the Sabine, Morehouse, and Ouachita Parishes, in northern Louisiana. This is the first activation of Louisiana’s emergency support function relating to cybersecurity in the state’s history, giving the state access to some much-needed assistance […]

Tackling the Cybersecurity Talent Shortage, One Alert at a Time

Reducing alert overload by integrating zero-trust technology as part of your security posture can help solve the headcount problem. Without question, there’s an acute shortage of cybersecurity talent. Depending on whose numbers you believe, there’s something along the lines of 1 million open cybersecurity jobs in the world today. Gartner analyst Earl Perkins summarizes the problem […]

The Industry’s First – and Only – MOBILESOC App Just Got Better

Instant triage and response to security alerts? We’ve got an app for that. We’re changing the way Security Operations Center (SOC) teams interact. Always looking to improve our best-in-class Managed Detection and Response (MDR) services, we recently redesigned our MOBILESOC app with a new, easy-to-use interface. The app contains a host of new features including […]

ManageEngine Privilege Escalation

Background: After running into ManageEngine products on a number of penetration tests, we decided to take a closer look at their products and see if there were any vulnerabilities that we could take advantage of. CVE Numbers: CVE-2019-12876 Versions Tested: DesktopCentral – 10.0.380 ADSelfService Plus – 5.7 ADManager Plus – 6.6.5 DLL Hijacking: Multiple ManageEngine […]
