2Cents about Cyber Security

Recent Posts

Firewall isn't enough!

Analyzing cyber attack statistics, it's clear that the firewall isn't enough! Attacks have changed and are now targeted primarily at web apps and DDoS. So firewalls can't protect the corporate infrastructure well and you need something more. Web Application Firewall and DDoS protection solutions are now the new trend in security solutions that corporations must adopt in the near future to become prote...

[CVE-2013-2637] OTRS FAQ Module – Persistent XSS

Some months ago I found this XSS in the FAQ module of the well-known OTRS support ticketing system. This vulnerability permits an attacker with FAQ publishing permission to "grab" other users and/or admins that access a malicious FAQ. You can find the public disclosure at the following links: OTRS Sec, ExploitDB, Tenable

[CVE-2013-2638] CTERA C200 – Access to Configuration Tab as users

Some CTERA cloud attached storage devices are vulnerable to Direct Object References, permitting some information disclosure to authenticated users (with no administration permissions). For example, a user can obtain the full list of users with their emails, etc. CTERA R&D solved this issue in the 3.2.47 firmware release, so this issue must affect only versions prior to 3.2.47. It's not a critical v...