Security Blog

Visual Tools

Security advisory: Visual Tools DVR (CVE-2021-42071)

Visual Tools DVR VX16 – Iniezione di comandi del sistema operativo (non autenticato) Swascan ha identificato una vulnerabilità critica durante una regolare attività di test di penetrazione su un client relativo a Visual Tools (marchio di fabbrica) un software di AX Solution LA ( Al momento della pubblicazione (puoi consultare la timeline in fondo


Security advisory: Entando (CVE-2021-35450)

Entando Admin Console <= 6.3.9 – Server Side Template Injection Swascan has proactively pursued a Responsible Vulnerability Disclosure activity with the system integrator Entando after a critical vulnerability was identified during a penetration testing activity. Entando in brief Entando is an open-source software company providing the leading modular application platform building enterprise web apps on

Lenovo Swascan

Lenovo and Swascan collaborate to fix security issue

Swascan Cyber Security Team has identified at least 3 Critical vulnerabilities in “My Lenovo” digital assets passively identified by using the Domain Threat Intelligence (DTI) tool. DTI – Domain Threat Intelligence – is service from Swascan’s Cyber Security Testing Cloud Suite. The service does not perform any security tests on the target and only operates

data scraping

LinkedIn data scraping: 1 Billion data record for sale

LinkedIn data scraping – “Over 1Billion LinkedIn data available”, over “520 million email addresses and phone numbers of LinkedIn users” – are just some of the “announcements” Swascan‘s SOC as a Service and Cyber Threat Intelligence Teams first identified on April 5th, 2021 via its Security Testing and Threat Intelligence platform, as noted in the

Scraped data of 70 Million Twitter users

Scraped data of 70 Million Twitter users?

On April 5th Swascan’s SOCaaS and Cyber Threat Intelligence Teams first identified and reported the presence of a huge Linkedin database for sale on the web and dark web. The Linkedin news was preceded by the discovery of the most recent Facebook data leak which involved 553 million users. Traslated: “Over 1Billion recds of

Bitcoin Wallets: The Marketplace of Stolen Wallets

Bitcoin Wallets –  Swascan’s Cyber Threat Intelligence Team has identified – through OSINT and CLOSINT research – the most popular repositories for the illegal trade in wallet.dat files, gathering evidence that this activity is still widespread and very active, even outside the Dark Web. Bitcoin wallets: why .dat files? To trade in Bitcoin, a potential