Showing 5 results for: April 2018 ×

"Drupalgeddon2" Recent Developments

Drupal, the popular Content Management System, (might) have seen better days. There's been a lot of attention to it lately in regards to a nasty Remote Code Execution (RCE) vulnerability. In particular a number of builds in the 7.x and...

WD My Cloud EX2 Serves Your Files to Anyone

Western Digital's My Cloud is a popular storage/backup device that lets users backup and store important documents, photos and media files. Unfortunately the default configuration of a new My Cloud EX2 drive allows any unauthenticated local network user to grab...

Using IPv6 to Bypass Security

Introduction All too often when we conduct pen tests against organizations we find a robust security posture against their Iv4 infrastructure. They lock down services, use a host-based firewall and generally follow best practice security guidelines. However, these same organizations...

Patch Tuesday, April 2018

April's Patch Tuesday didn't let up much compared to March. Overall April brings with it patches for 70 vulnerabilities including 27 rated as "Critical", 42 rated as "Important" and 1 rated as "Moderate". Along with most of our "usual suspects",...