SSD Advisory – Tripwire IP360 Local File Inclusion

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes a Local File Inclusion (LFI) vulnerability found in Tripwire IP360 version 7.2.6. Tripwire IP360 is a enterprise-class vulnerability and risk assessment, it’s provides visibility into the enterprise network, including all networked devices and their associated operating systems and application.

Credit
An independent security researcher Mohammed Shameem has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program

Vendor response
Tripwire has stated 7.2.6 which was vulnerable has reached end of life. No other version of Tripwire is affected by this LFI vulnerability. Tripwire customers still using version 7.2.6 should upgrade to version 7.5 or newer which is supported.

Continue reading SSD Advisory – Tripwire IP360 Local File Inclusion

Know your community – El kentaro

If you ever been in a security conference, there are always those people who seems to be connected with everyone. Today we have the opportunity to interview one of them! I’m proud to introduce El Kentaro!

Kentaro is a permanent resident at CODE BLUE, AVTokyo and security community events in Japan. El is a skillful translator/interpreter that can speak the languages of infosec, English, and Japanese. If you want to get involved in the security community in Japan – he’s the person for you to reach out to.


Continue reading Know your community – El kentaro

Security conferences – Survival guide 2017 Q2

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

As we promised, the security conferences “Survival guide” for 2017 Q2 is here!

We have gathered the following information for you for each conference:

  • Dates
  • Place
  • Link to official conference website
  • Ticket price
  • Lectures
  • Workshops

So let’s get started:

Security conferences – Survival guide part 2

Continue reading Security conferences – Survival guide 2017 Q2