05 Mrz 2014

Nsdtool published

by CRT | Categorie: Blog

Nsdtool is a toolset of scripts used to detect netgear switches in local networks. The tool contains some extra features like bruteforce and setting a new password. Netgear has its own protocol called NSDP (Netgear Switch Discovery Protocol), which is implemented to support security tests on the commandline. It is [...] weiter lesen

05 Dez 2013

CVE-2013-6224: Cross Site Scripting in LiveZilla

by CRT | Categorie: Blog

CVE-2013-6224: Security Advisory – Curesec Research Team 1. Introduction Advisory ID: Cure-2013-1006 Advisory URL: https://www.curesec.com/de/veroeffentlichungen/advisories.html Affected Product: LiveZilla version 5.0.1.4 Affected Systems: Linux/Windows Fixed in: 5.1.1.0 Fixed Version Link: https://www.livezilla.net/downloads/pubfiles/LiveZilla_5.1.1.0_Full.exe Vendor Contact: support@livezilla.net Vulnerability Type: Cross Site Scripting Remote Exploitable: Yes Reported to vendor: 18.10.2013 Disclosed to public: 28.11.2013 Release [...] weiter lesen

05 Dez 2013

CVE-2013-6223: Local Password Disclosure in LiveZilla

by CRT | Categorie: Blog

Security Advisory – Curesec Research Team – Cure-2013-1008 1. Introduction Advisory ID: Cure-2013-1008 Advisory URL: https://www.curesec.com/de/veroeffentlichungen/advisories.html Affected Product: LiveZilla version 5.0.1.4 Fixed in: 5.1.1 Fixed Version Link: https://www.livezilla.net/downloads/pubfiles/LiveZilla_5.1.1.0_Full.exe Vendor Contact: support@livezilla.net Vulnerability Type: Local Password Disclosure Remote Exploitable: No Reported to vendor 18.10.2013 Disclosed to public 28.11.2013 Release mode: Coordinated [...] weiter lesen

27 Nov 2013

CVE-2013-6271: Remove Device Locks from Android Phone

by CRT | Categorie: Blog

CVE-2013-6271: Security Advisory – Curesec Research Team * Update – 05.12.2013 Recent tested versions prone of the vulnerability: 4.0 – vulnerable 4.1 – vulnerable 4.2 – vulnerable 4.3 – vulnerable 4.4 – not vulnerable * Update – 04.12.2013 Many were asking if it is also possible to test this issue [...] weiter lesen

15 Nov 2013

CVE-2013-6225: Remote Code Execution in LiveZilla

by CRT | Categorie: Blog

CVE-2013-6225: Security Advisory – Curesec Research Team 1. Introduction Advisory ID: Cure-2013-1007 Advisory URL: https://www.curesec.com/de/veroeffentlichungen/advisories.html Affected Product: LiveZilla version 5.0.1.4 Affected Systems: Linux/Windows Fixed in: 5.1.1 Fixed Version Link: https://www.livezilla.net/downloads/pubfiles/LiveZilla_5.1.0.0_Full.exe Vendor Contact: support@livezilla.net Vulnerability Type: Remote Code Execution / Local File Inclusion Remote Exploitable: Yes Reported to vendor: 18.10.2013 Disclosed [...] weiter lesen

02 Okt 2013

Python developer (m/f)

by Marco | Categorie: News

We are looking for a python developer to support our software projects. For a successful collaboration, the following points are important: 2-3 years of demonstrated experience with Python Good knowledge of network protocols (TCP/IP protocol suite) Good knowledge of Linux and Unix Strong interest in IT-Security Fluent English and German [...] weiter lesen

02 Okt 2013

We have moved into our new office!

by Marco | Categorie: News

Curesec has turned two years old! As a birthday present we have moved into our new office! 165sqm space for the security enthusiasts!

16 Sep 2013

Inkasso Trojaner – Part 3

by CRT | Categorie: Allgemein

In this report we would like to point out how the rootkit infects a system, how it operates and what kind of anti-reversing and anti-debugging techniques are in place. We will use several tools: ExeInfo PE IDA Entropy Plugin SysInternals Suite IDA Pro Immunity Debugger It s not a Problem, [...] weiter lesen

10 Sep 2013

Exfiltrate Data using the old ping utility trick

by CRT | Categorie: Allgemein

We are back with a great blogpost. This time about data exfiltration using ping, packed together as a simple backdoor-like code. The technique may work in generell for linux and windows as well, however the main target and interest was Android. During the article we will provide examples demonstrating how [...] weiter lesen

06 Aug 2013

Article on Scada Security

by CRT | Categorie: News

welt.de and morgenpost.de published an article about vulnerabilities in industrial facilities in august 2013. The article is in german only. “Die Sicherheitsstandards großer Kraftwerke haben sich verbessert”, sagt Marco Lux, Geschäftsführer des Berliner IT-Consulting-Unternehmens Curesec.  Er berät Industriebetriebe sowie mittelständische Unternehmen in Sicherheitsfragen und führt Analysen von Hardware und Software [...] weiter lesen