This blog post summarizes the results of a study that sheds light on ordinary workers conducting benign IT tasks, such as developing websites or translating texts, that contribute to cybercrime activities. The researchers from multiple organizations, including the GoSecure Titan Labs team, conducted a thematic analysis and used machine learning, as well as statistical tests on several datasets, to extract a general understanding of these workers and their mass effect.
GoSecure Titan Labs has identified a vulnerability within the Tableau Server that could allow malicious actors to extract sensitive data from the application. Tableau Server is an analytics platform owned by Salesforce used to see and understand data. This application is often hosted on premises to explore sensitive data in a trusted environment. According to a Shodan search which returned more than 18,000 results for this product, this application is widely used by companies to analyze data.
Cross-Site Scripting (XSS) is a well-known vulnerability that has been around for a long time and can be used to steal sessions, create fake logins, and carry out actions as someone else, etc.
GoSecure Titan Labs discovered a stored cross-site scripting (XSS) vulnerability in IBM Content Navigator. Users are strongly advised to upgrade to version 3.0.9 or above. This blog post details the vulnerability, its impact and provides a proof of concept for exploitation.
GoSecure Titan Lab investigation found that 3CX phone system servers were vulnerable to two different attacks: authenticated command injection and privilege escalation. When combined with the 3CX cloud free trial, these vulnerabilities could allow an attacker to escape the restricted terminal and gain a “free” virtual server.