Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Researcher disclosed 0day flaw in FireEye and offers others for sale

Fireeye-zero-day-150x150
The expert Kristian Erik Hermansen disclosed a zero-day flaw in the FireEye core appliance that could be exploited to gain remote root file system access.

Yesterday security researcher Kristian Erik Hermansen disclosed a zero-day vulnerability in the FireEye core appliance that could be exploited to gain remote root file systemaccess.

Hermansen told to CSOonlinethat he was working with the colleague Ron Perris when discovered thirty vulnerabilities in FireEye’s product, including multiple remote root issues.

The expert also published a proof of concept to show hot to trigger the vulnerability to ccopy the /etc/passwd file.

Here starts the bad news for FireEye because Hermansen claims to have discovered other three zero-day and is offering them for sale. Hermansen claims to have founda login bypass vulnerability, acommand injection vulnerabilities.

The disclosed flaw seems to affect a PHP script on the FireEye appliance, the expert has publicly criticized the implementation...(continued)

View All Trending Stories