Prepare your business with On-Demand Breach Response

Uncovering Your Security Blind Spots: Keys to Protecting your Organization from the Unknown

Many organizations are shocked to learn their systems have been breached, with attackers having exposed vulnerabilities. However, you can defend your organization against these threats by taking some proactive measures. Minimizing your security risk begins with risk management – ensuring proper asset management, implementing policies and procedures around protecting assets, and effective risk mitigation. Yet […]

Read More…

MSSP vs MDR: Comparing Incident Response Capabilities

Three acronyms swirl around today’s security discussions: Managed Detection and Response (MDR), Managed Security Service Provider (MSSP), and Security Incident and Event Management (SIEM). While all three of these concepts are often discussed in the same conversation, one (SIEM) is really a tool while the other two (MDR and MSSP) are services that can work […]

Read More…

Outer Space Meets Cyberspace: What Space Travel Can Teach Us About Cybersecurity

February 20, 1962: An Atlas LV-3B launch vehicle lifts off from Launch Complex 14 at Cape Canaveral, Florida. It’s lifting astronaut John Glenn into orbit aboard the Mercury program spacecraft known as Friendship 7. At the time, this was a technological marvel and a wonder of engineering complexity. But it was this complexity that Glenn […]

Read More…

SOC vs. CSIRT: What’s the Difference?

Years ago, organizations relied primarily on their IT department to manage security. As cybersecurity attacks increased in frequency and sophistication, companies launched Security Operations Centers (SOCs) to centralize security tools and personnel. Yet in recent years, as the number of security breaches escalated, organizations realized they needed dedicated response teams, which led to the introduction […]

Read More…

Local Privilege Escalation Discovered in GlobalProtect App

Versions Tested: GlobalProtect App < 5.1.4 on Windows GlobalProtect App < 5.0.10 on Windows Product:https://www.paloaltonetworks.com/products/globalprotect Security Advisories:https://security.paloaltonetworks.com/CVE-2020-2032 CVE Numbers:CVE-2020-2032 CVSS Score:7.0 CWE:CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition NIST:N/A OWASP:N/A   Summary: A race condition vulnerability in the Palo Alto Networks GlobalProtect app on Windows allowed a local limited Windows user to execute programs with SYSTEM […]

Read More…

Securing Your Cookies: HTTPOnly Flag for Cookie Theft Defense

Missing HttpOnly flags on cookies are a common finding in Web Application penetration testing. Many times, there is confusion surrounding whether it is necessary to enable this flag though. However, cookies can contain session tokens and other values that can be useful to a malicious actor and should be protected. If the cookies do not […]

Read More…

Local Privilege Escalation Discovered in VMware Fusion

  Versions Tested: VMware Fusion 11.5.3 Products: https://www.vmware.com/products/fusion.html https://docs.vmware.com/en/VMware-Remote-Console/index.html https://docs.vmware.com/en/VMware-Horizon-Client/index.html Security Advisories: https://www.vmware.com/security/advisories/VMSA-2020-0011.html CVE Number(s): CVE-2020-3957 CVSS Score: 7.3 CWE: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-424: Improper Protection of Alternate Path NIST: N/A OWASP: N/A   Summary: VMware Fusion, VMRC and Horizon Client contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use […]

Read More…

Once More Unto the Breach: An Exploration into Breach Prevention and Response

Organizations continue to learn the hard way that cybersecurity breaches can happen for many reasons at companies of any size and maturity level. Hackers are relentless in testing the waters to reveal vulnerabilities, and sneak in through whatever means possible once they detect security blind spots. The list of where vulnerabilities reside can be daunting: […]

Read More…

COVID-19 Contact Tracing Methods Compared: Examining Privacy & Security Implications

Discussions about contact tracing have been ongoing since February 2020, when some experts began looking ahead at how to move through the global COVID-10 pandemic. What Is Contact Tracing? Contact tracing essentially comprises identifying those who have been infected with COVID-19 and notifying as many people as possible who have been in close contact with […]

Read More…

CRITICALSTART’s TEAMARES a Top Contributor to [email protected] in Global Fight Against COVID-19

In times like these, we all could use some good news and CRITICALSTART‘s TEAMARES is excited to share some: we just reached top contributor status in our participation in [email protected]’s fight against COVID-19! As of this week, we are now in the top 0.3% of all team contributors. It would not be possible without the […]

Read More…

Free MOBILESOC and Endpoint Protection for Remote Security Teams until June 15 

Like many other organizations, we have deliberated on how CRITICALSTART can contribute to the safety and well-being of the broader community, not just our customers and employees.    A tremendous number of people have suffered job losses during this crisis, so one of our first announcements was that the company would not be cutting any headcount and that we would allow every employee up […]

Read More…

Hard-Coded Administrator Password Discovered in OpsRamp Gateway

  Version Tested: 3.0.0 Product: https://www.opsramp.com/ CVE Numbers: CVE-2020-11543 CVSS Score: 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CWE: CWE-798: Use of Hard-coded Credentials OWASP: https://owasp.org/www-community/vulnerabilities/Use_of_hard-coded_password   Summary: During a recent penetration test, CRITICALSTART‘s TEAMARES researchers discovered that OpsRamp Gateway has an administrative account named vadmin that allows root SSH access to the server. This account was unknown to clients […]

Read More…

Vulnerabilities Discovered in CIPAce Enterprise Platform

  Versions Tested: CIPAce Version < 6.80 Build 2016031401 CIPAce Version < 9.1 Build 2019092801 Product: https://www.cipplanner.com/Products/CIPAce/Pages/CPMPlatform.aspx Security Advisories: N/A CVE Numbers: CVE-2020-11586 CVE-2020-11587 CVE-2020-11588 CVE-2020-11589 CVE-2020-11590 CVE-2020-11591 CVE-2020-11592 CVE-2020-11593 CVE-2020-11594 CVE-2020-11595 CVE-2020-11596 CVE-2020-11597 CVE-2020-11598 CVE-2020-11599 CRITICALSTART‘s TEAMARES researchers have released a steady cadence of advice regarding the importance of testing your systems regularly for […]

Read More…

Telesploit: Open-Source Remote Vulnerability Assessment & Penetration Testing

Due to current events, your organization is more than likely experiencing disruption resulting from a rush to implement remote work policies, social distancing, and other unexpected changes to business as usual. And if you’re like many organizations, chances are you did not have remote work contingency plans in place and may be scrambling to find […]

Read More…

Authentication Bypass Vulnerability Discovered in Infinias eIDC32 WebServer

Versions Tested: Web Revision: 1.107, Board: 3.001, Firmware: 2.213 Product: https://www.3xlogic.com/products/access-control/infinias-ethernet-enabled-integrated-door-controller-eidc Security Advisories: N/A CVE Numbers: CVE-2020-11542 CVSS Score: N/A CWE: CWE-305: Authentication Bypass by Primary Weakness NIST: IA-4: Identifier Management OWASP: A2: Broken Authentication   With access to a system’s control interface, a malicious actor can unlock controls remotely, allowing them to gain physical […]

Read More…

CRITICALSTART’s TEAMARES Research Is Aiding Global Fight Against COVID-19

What does a computer virus have in common with the Coronavirus (COVID-19)? Plenty, believe it or not, as technology can be used to help solve both. The TEAMARES research team has found that our hash cracker Cthulhu can be used to run computer simulations that mimic the same complex protein folding that occurs in viruses. […]

Read More…

Regex Revelry

Regular Expressions (Regex) are used to identify strings that defy simple search terms, which infosec and technology professionals use for things like input validation, searching and scripting. Unfortunately, the syntax can be intimidating and the learning curve steep for beginners. Throw in a handful of different flavors and the confusion grows. While it can be […]

Read More…

Vulnerabilities Discovered in Tiff Server from AquaForest

Versions Tested: Tiff Server 4.0 Product: https://www.aquaforest.com/en/tiffserver.asp Security Advisories: N/A CVE Numbers: CVE-2020-9323 CVE-2020-9324 CVE-2020-9325 CVSS Score: Unauthenticated File and Directory Enumeration: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:W/RC:C Unauthenticated Arbitrary File Download: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C Unauthenticated SMB Hash Capture via UNC: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C CWE: Unauthenticated File and Directory Enumeration: CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”) Unauthenticated Arbitrary […]

Read More…

State Legislation May Drive Federal Security Compliance Regulations in 2020

State governments are taking the lead in developing cybersecurity regulations as cyberattacks and data breaches continue to skyrocket. There’s a huge need for privacy regulations in the U.S. as the federal government has been deficient in adopting regulations. To help drive home the need for cybersecurity policies, states are attempting to push forward some type […]

Read More…

Vulnerability Focus: Exploits Impacting Organizations

No matter how much you think you’ve done to protect your data and systems, common vulnerabilities continue to wreak havoc on enterprises. Cyberattacks are already increasing due to global events, meaning it’s more important than ever to identify and secure vulnerabilities. The following are some vulnerability trends the TEAMARES team is seeing – and what […]

Read More…

SOAR And MDR: Finding The Best Fit To Augment Security

The well-documented shortage of experienced cybersecurity practitioners is hindering organizations’ ability to achieve an acceptable risk level. To control expenses and employee turnover due to the shortage, many organizations look to augment security teams with security orchestration automation and response (SOAR) platforms and managed detection and response (MDR) services. (Full disclosure: My company offers the latter.) While differences […]

Read More…

4 Key Steps to Protect Your Organization Against Increased Cyber Threats

In today’s cyber threat landscape, it’s not just the military-industrial and defense industries that have a legitimate reason to be concerned about cyber terrorism and state-sponsored cyberattacks. Attacks from state-sponsored sources have significantly increased over the past few years. If you examine the report from the Center for Strategic & International Studies Significant Incidents Summary, […]

Read More…