Offering options for remote work to all employees will help slow the spread of COVID-19, but may introduce risk if not a previously supported or planned policy. This self-assessment questionnaire allows organizations to consider high priority security risks potentially introduced by implementing new remote working strategies. And ways to mitigate them.
By Luis Rios OmniCenter 12.1.1 and below (and 12.0.8 and below) is affected by an unauthenticated SQL Injection (Boolean Based Blind). The injection allows an attacker to read sensitive information from the database used by the application. Background During the course of a penetration test, we encountered the OmniCenter application. An Internet search showed no …
In 2018 Illumant topped the list of bug hunters for Alibaba’s bug bounty program: To see this info on Alibaba, go the following link and select the year 2018: https://security.alibaba.com/top.htm?tab=1
Demonstration of the Check Point ZoneAlarm anti-virus exploit in action.
Local Exploitation of WCF Services within ZoneAlarm Anti-Virus Software to Escalate Privileges General Overview Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate to SYSTEM-level privileges. A service endpoint within ZoneAlarm exposes powerful functionality, including the ability to start new processes as SYSTEM. Efforts …
Introduction Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate privileges to SYSTEM-level with the anti-virus software enabled. The vulnerability is due to insecure implementation of inter-process communications within the ZoneAlarm application itself, which allows a low-privilege user to inject and execute code by …
Vulnerability affects Check Point Anti-Virus (ZoneAlarm), allows standard users to escalate to highest privilege level and highlights lesser-known class of vulnerabilities (“OwnDigo”) resulting from insecure process communications using Windows Communication Foundation (WCF).
There are many firms to choose from. How can you tell one from another.
Today we’ll talk about how to take ownership of a server running a default install of JBOSS 4.2.3.GA by hand using CVE-2010-0738. Why are we talking about exploiting such an old vulnerability? Well one reason is because it’s fun! Another, is that we still see these type of installs on real life engagements! Finally, there …
2006-2025 © Illumant, LLC. All Rights Reserved. 
