Security Advisory: Docebo Community Edition <= 4.0.5
Product description: Swascan Offensive Security Team has identified multiple vulnerabilities on Docebo Community Edition 4.0.5, an open source e-learning platform, also defined as a Learning Management System. Technical summary: Swascan’s Cyber Security Team discovered important vulnerabilities on Docebo CE <= v.4.0.5. Vulnerability and CVSS 3.1 score: Docebo CE <= 4.0.5 – SQL Injection (unauthenticated), 8.6 – High [AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L] Docebo […]
Ransomware Analysis: Black Basta
Black Basta is a new ransomware which, in a few weeks, has already claimed important victims. Swascan SOC Team intercepted and analyzed this ransomware threat, verifying that it contains encrypted and obfuscated payloads that make it more difficult to understand the behavior of the threat during the encryption and infection phases, as we can see from […]
Security Advisory: Libnmap <= 0.7.2 (CVE-2022-30284)
Swascan Offensive Security Team has identified a severe vulnerability on the python-libnmap Python library (https://pypi.org/project/python-libnmap/). Python-libnmap: Python-libnmap is a Python library that enables Python developers to manipulate nmap process and data. The library offers the following features: automate or schedule nmap scans on a regular basis; manipulate nmap scan results to do reporting; compare and […]
Emotet: signature-based evasion & malleable executable
Analysis by Daniele Capponi – Cyber Security Analyst, Swascan. We recently came across an interesting finding concerning Emotet’s infection kill-chain, which usually starts with the phishing email, followed by the download of an Excel macro and then its execution, which acts as the DLL dropper and finally leads to malware infection. Signature: We had a look […]
Security Advisory: Alt-n Security Gateway (CVE-2022-25356)
Swascan Offensive Security Team has identified 1 vulnerability on the Alt-n Security Gateway product; the vulnerability was found during a Penetration Test. Product description: Alt-n develops and manufactures products and solutions for companies to help them be safer against phishing attacks, malware and much more. Security Gateway accomplishes that goal by giving protection from external/internal email […]
Security Advisory: Forma LMS (CVE-2022-27104)
Unauthenticated SQL Injection in forma Lms <= 1.4.3. Swascan Offensive Security Team has identified a vulnerability on Forma LMS digital assets. Forma Lms: Forma Lms is the natural evolution, or a “fork”, of the last open source version of the LMS platform Docebo. Forma Lms is an open source e-learning platform, oriented towards business needs: […]
Conti Leak Analysis
The conflict in Ukraine has attracted significant attention from the cybersecurity community: there have been cyber attacks by Russia against Ukrainian infrastructure with wiper-type malware (such as Whispergate and HermeticWiper) and a series of DDoS attacks against Russian infrastructure by Anonymous and Ukrainian supporter groups. Among the many news stories circulating, one that caused great […]
The Russian Doll Mechanism of Online Pharmacies
The world of online pharmacies is – said in a very simplistic way – a huge Russian doll mechanism of containers and cross references, deliberately anonymised. Shedding light on the system was not an easy task and finding a name to link to this game of mirrors required a veritable technical “deep dive” into the […]
The Mole: Criminal Hacker gang clash
Through its proprietary Threat Intelligence platform, Swascan’s SoC team has detected an interesting development in the continuously evolving cyber war scenarios in the international Cyber Crime landscape. Spokesmen for LockBit and REvil accused the operator of the Dark Web Ramp forum of being an informer employed by the Russian law enforcement agencies. Context: In the […]
Vulnerability Report Emerson – Dixell XWEB-500 Multiple Vulnerabilities (CVE-2021-45420)
1. Technical Summary: Swascan Offensive Security Team detected some important potential vulnerabilities on Dixell XWEB-500. Detected vulnerabilities were: Arbitrary File Write (assets: http://<target>/cgi-bin/logo_extra_upload.cgi, http://<target>/cgi-bin/cal_save.cgi, http://<target>/cgi-bin/lo_utils.cgi; CVSSv3 7.5; severity HIGH) and Directory Listing (asset: http://<target>/cgi-bin/lo_utils.cgi; CVSSv3 5.3; severity MEDIUM). In the following section we report some technical details on these vulnerabilities, including evidence and proof-of-concepts. 2. Vulnerability details: Arbitrary File […]