sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell meta-characters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.

qdPM versions prior to 9.1 suffer from a remote shell upload vulnerability that allows for remote code execution.

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.

This Metasploit module exploits a shell command injection vulnerability in the libnotify plugin. This vulnerability affects Metasploit versions 5.0.79 and earlier.

TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from a command injection vulnerability. The issue is located in the swSystemSetProductAliasCheck method of the ipcamera binary (Called when setting a new alias for the device via /setsysname.fcgi), where despite a check on the name length, no other checks are in place in order to prevent shell metacharacters from being introduced. The system name would then be used in swBonjourStartHTTP as part of a shell command where arbitrary commands could be injected and executed as root.

IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

London has been named fDi’s inaugural Fintech Location of the Future for 2019/20, followed by Singapore and Belfast. 

Research by fDi Intelligence reveals which cities received the most tech start-up FDI relative to their population between 2016 and 2018, with European cities coming out on top.

Australia tops the FDI Strategy category of fDi's Tourism Locations of the Future 2019/20 rankings, followed by Costa Rica and Azerbaijan.

DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.

DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.

man-cgi versions prior to 1.16 suffer from a local file inclusion vulnerability.

Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges.

Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized to the "Java file manager" and "Upload and Download" fields, to execute arbitrary commands with root privileges. In addition, "Running Processes" field must be authorized to discover the directory to be uploaded. A vulnerable file can be printed on the original files of the Webmin application. The vulnerable file we are uploading should be integrated with the application. Therefore, a ".cgi" file with the vulnerability belong to webmin application should be used. The module has been tested successfully with Webmin version 1.900 over Debian 4.9.18.

devolo dLAN 550 duo+ version 3.1.0-1 suffers from a remote code execution vulnerability. The devolo firmware has what seems to be a 'hidden' services which can be enabled by authenticated attacker via the the htmlmgr CGI script. This allows the attacker to start services that are deprecated or discontinued and achieve remote arbitrary code execution with root privileges.

This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent registration credential is required to exploit SecureSphere in gateway mode. This module was successfully tested on Imperva SecureSphere 13.0/13.1/13.2 in pre-ftl mode and unsealed gateway mode.

An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request to trigger this vulnerability.

An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.

An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information, including, but not limited to, plaintext passwords and SNMP community strings. An attacker can make an authenticated HTTP request, or run the binary, to trigger this vulnerability.

An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a arbitrary setting writes, resulting in the unverified changes to any system setting. An attacker can make an authenticated HTTP request, or run the binary as any user, to trigger this vulnerability.

An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can make an authenticated HTTP request to trigger this vulnerability.

An HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.

An HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter.

Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a denial of service vulnerability. By querying CGI endpoints with empty (GET/POST/HEAD) requests causes a Segmentation Fault of the uhttpd webserver. Since there is no watchdog on this daemon, a device reboot is needed to restart the webserver to make any modification to the device.

The IDAL HTTP server CGI interface contains a URL, which allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. In the IDAL CGI interface, there is a URL (/cgi/loginDefaultUser), which will create a session in an authenticated state and return the session ID along with the username and plaintext password of the user. An attacker can then login with the provided credentials or supply the string 'IDALToken=......' in a cookie which will allow them to perform privileged operations such as restarting the service with /cgi/restart.

This Metasploit module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the file_transfer.cgi endpoint.

D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.

I am often asked what I see as the biggest potential game-changers in tech — particularly as it relates to social good. Mobile, social, the cloud, and analytics continue to emerge as key themes. However, analytics is emerging as the true game changer — catalyzed by advances in open architecture.

Let me unpack what I mean by "open architecture." Open means that anyone can access it, contribute to it, and innovate on top of it. At Blackbaud, where I serve as chief technology officer, one of our core tenets has been to design an open, cloud-based software and data architecture. We're cultivating a technical community of partners, customers, and engineers (inside and outside of the company) who are innovating in different ways and contributing to this ecosystem.

From this vantage point, I see the way that openness accelerates the velocity of innovation. Looking at it from a different angle, open ecosystems also yield data and analytics that enable everyone who is part of them to gain more insights and intelligence.

This data can power intelligent software solutions, surface actionable events, maintain accurate and current data assets, and generally drive more results for users. In other words, an open cloud-based architecture elevates usage, which in turn generates more and more data and intelligence that make the system even more powerful.

With data, analytics, and intelligence in mind, the following capabilities emerge as candidates to have a great positive impact.

The Internet of Things

Internet of Things (IoT) technology is cheap and accessible and can transform normal household items into network devices that generate data. In my house, the lights, thermostats, appliances, cars, doors, and windows are all connected devices. These connected devices generate data and intelligence (such as trends in usage, optimization of electricity consumption, and so on). Much like a household, there are many IoT possibilities for nonprofits and other players in the social good space to generate valuable, actionable data.

Instrumentation

Instrumentation provides us with the ability to understand what's happening within our software. As Blackbaud ships features and capabilities within solutions, we monitor usage. We do so to understand if our customers can easily discover the new capability (do they use it the first time they log on?) and to determine if our customers find it valuable (is their use ongoing?). This data-driven approach is an extremely effective way of measuring both the quality of the user experience and the overall value of the work we're doing.

We can learn a lot about our customers just by observing what they do. Across the software industry, instrumentation is driving advances in understanding that enable more targeted solutions to users' challenges.

Usage Information

Like instrumentation, usage data enables us to understand the leading indicators that yield the best, most effective outcomes. For example, through usage data, we were able to understand that nonprofits who proactively thank donors within one week of giving have an advantage. They were much more effective at converting those individuals to longer-term supporters and recurring donors.

Predictive Intelligence

Predictive analytics showcase some of the most stunning and innovative applications of data. At Blackbaud, we think of predictive analytics as a kind of "self-driving car." It guides and sometimes fully automates tasks for our users, enabling them to gain much greater results. A few examples of predictive analytics scenarios that we're working on include

• Extending the most compelling message to a specific person at just the right time via the best channel, to keep them engaged, generate a donation, invite them to an event, or simply share a story.
• Intelligently connecting nonprofits, corporations, individuals, foundations, faith-based organizations, schools, and other stakeholders across the ecosystem we serve. That action enables us to more efficiently coordinate efforts and services and drive greater good together.
• Leveraging social information, an understanding of a person's network, geographical context, and other analytics to help connect an advocate with a nonprofit, school, or foundation, in just the right way.

We leverage the correlation of many different, disparate data sources to drive true intelligence and to power new, predictive user experiences across our applications. Our data platform is what powers this intelligence. This platform drives value across our solutions in other ways, including

• Correcting, appending, and de-duplicating data across the system
• Business intelligence and reporting that shows trends in data
• Real-time data pipelines that spark events across the system based on changes to the data

I’ve included only a few examples of technology capabilities we're researching that we believe will have a strong positive impact. The central theme of these capabilities is providing more actionable data and intelligence. Our commitment to delivering a robust, scalable, and flexible data architecture as well as open, cloud-based software enables us to take advantage of this technology. It also enables us to harness these capabilities to drive greater value for the customers we serve.

This blog post was written by Mary Beth Westmoreland.

spanhidden

The Inland Empire, which encompasses 27,000 square miles in Southern California, has one of the highest rates of poverty in the U.S.'s twenty-five largest metropolitan areas. One in five people there live at the poverty level. Smooth Transition, Inc., is a nonprofit educational and vocational training organization that has been working with local at-risk populations since 2009. It aims to provide a gateway towards empowerment, educational, and employment opportunities to lead a fulfilling, prosperous, and purposeful life.

Breaking Harmful Cycles

Smooth Transition began working to reach at-risk teens early — before they dropped out of high school or left the foster care system. It later expanded its program to include all at-risk populations, including displaced adults, as a means to better help the community. Smooth Transition's life skills development and educational training increase levels of employability. Its mentorship helps prevent its clients from re-entering the foster and judicial system or repeating poverty and homelessness cycles.

The nonprofit provides flexible and relevant programs that are accredited through the Western Association of Schools and Colleges. Its programs are directly tied to career pathways and provide students with vocational certifications at little or no cost to them. Graduates have a high completion rate as compared with other programs that serve at-risk populations. But students also come away with significant increases in their perceived self-value and a decrease in perceived barriers to success.

Keeping the Computer Labs Secure

In 2016, Smooth Transition served roughly 2,800 people with just four full-time staff members. Many of its programs are computer-based and require that its computer labs serve multiple uses and multiple users. One of the organization's board members manages its IT needs on a volunteer basis. He recommended Symantec's Norton Small Business, and the organization has been using it on its systems since it was founded.

Symantec's donation of antivirus protection — through TechSoup — has enabled the nonprofit to safely use its computer labs and has increased the number of programs and services it can offer to its students. According to Dr. Robin Goins, president and executive director of Smooth Transition, "The donations we receive are the foundation of our success, and we cannot express enough the generational and community impact the Symantec donations provide us. Smooth Transition is an appreciative recipient of the donations we received from Symantec and we look forward to providing even more impactful community programs as a result."

Goins goes on to describe how Smooth Transition's testing centers are networked, with students taking roughly 250,000 different kinds of exams. She worried that without security in the testing centers, the tests would be disrupted, causing a very serious problem. "If we have things disrupting our classes it costs us money. It also costs students the ability to complete their work. Having viruses attack us would be catastrophic for us."

Goins points out that Norton Small Business also helps protect confidential information. "As a school, we're required to protect the identity of our students and a lot of their demographic information," she said.

Smooth Transition will continue to work throughout the Inland Empire to provide flexible training and resources for those who don't fit the traditional education model. Though it faces many challenges in providing students with real, relevant work tools and skills, its staff is relieved, knowing that its systems and data are protected.

spanhidden

As champions of National Cyber Security Awareness Month (NCSAM), we're kicking off our first week with a focus on email. Read on for facts and tips on email security from the National Cyber Security Alliance.

Across the world, 269 billion emails are sent every day. It's estimated that the average business user will receive 96 emails per day by 2019 (source: Radicati).

Given our reliance on the medium, it's no surprise that email is one of cybercriminals' favorite methods of attack. According to the National Cyber Security Alliance, 85 percent of U.S. organizations have experienced a phishing attack and 30 percent of people have opened a phishing email.

There are simple steps you can take to ensure that you don't become a victim of a cyberattack. Somewhat like a poker tell, suspicious emails contain hints that the sender isn't who they claim to be.

Watch this video to learn how to spot email scams.

The Facts About Email Scams

• Suspicious emails engage in "spoofing," a type of scam in which attackers impersonate a trustworthy entity to make it more likely that the recipient will open and act on the email.
• Spoofed emails typically employ one of two tactics:
  • Phishing, the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money) for malicious reasons.
  • Spreading malware by getting the user to open malicious email attachments or click on malicious links.

Practical Tips on Spotting Suspicious Emails

• Look carefully at the email and ask yourself the following questions:

• • Do you know or recognize the "from" address or contact's name?
  • Does the message contain incorrect grammar or misspelled words?
  • Does the message ask you to take action on something you didn't request, such as "click on this link to pick the new phone you requested"?

• If the answer to the first is no, or the answer to the second or third above is yes:
  

• • Don't click on links. Instead, hover your cursor over links to determine if the address is unknown, suspicious, or misleading: for example, www.microsoft.com.maliciousdomain.it. Don't open any attachments the email contains.
  • If you suspect a work email is a phishing attack, immediately report it to your IT administrator so they can alert your fellow coworkers of the attempted attack. If it's a personal email, most email service providers provide a mechanism to report that. Check out this example from Gmail.

Additional Cybersecurity Resources

• Want to learn more about cybersecurity and how you can keep your data safe? Read our latest blog post about the Equifax breach.
• Need a little inspiration? Find out how TechSoup and Symantec are making a difference in the lives of at-risk teens.
• Get more security tips from the National Cyber Security Alliance. National Cyber Security Alliance Month — observed every October — was created as a collaborative effort between government and industry to ensure all Americans have the resources they need to stay safer and more secure online. Find out how you can get involved.

Image: National Cyber Security Alliance

spanhidden

(Please visit the site to view this video)

Older adults are at an increased risk of lacking company and being socially isolated. Recent studies prove that a lack of social relationships is as strong a risk factor for mortality as are smoking, obesity, or a lack of physical activity. Enter Little Brothers.

Little Brothers is an effort dedicated to spreading awareness and relieving isolation and loneliness in elders, a problem that often goes unseen. Little Brothers is in 7 U.S. cities and 10 countries worldwide. Its mission is carried out by more than one nonprofit organization.

Little Brothers Friends of the Elderly San Francisco facilitates more than 4,000 friendly visits a year. Volunteers are matched with elders in San Francisco, and they form and build a relationship through home visits, outings, or common interests.

We recently met with Andrew Butler, the program manager at Little Brothers Friends of the Elderly San Francisco. He explained that many volunteers form a relationship with an elder, and their stereotypes about older people are quickly broken down.

"A lot of what we do is creating awareness. I think a lot of the information that we share through training or events really inspires people," said Butler. He also suggested that we speak with a member of Little Brothers Friends of the Elderly San Francisco, Andy Morgan, to get a proper feel for the organization.

Andy Morgan is a highly spiritual 86-year-old who loves to read. Originally from Transylvania, Andy came to San Francisco in 1962 and has worked a variety of jobs throughout his life.

However, he stresses that he has never defined himself by what he did for a living. Aside from books and his spirituality, Andy values personal relationships and enjoys company.

Our conversation with Andy revealed why Little Brothers' impact matters so much.

I wanted to ask if you have any main visitors.

Andy Morgan: Yeah! I have one main visitor come every week. Rain or shine, he comes and sees me. He brings me food from Trader Joe's, and he does my laundry.

Wow, that's a sweet deal. Would you share a particular visit that has stuck with you over the years?

There's nothing that stands out; every visit is enjoyable. What we usually do is grab a spiritual book, you know, all those books over there are on spirituality, and we read from it and then we discuss it. I've been on the spiritual path since the 1960s, so if he has any questions, I can try and clarify.

I was wondering what makes you happy.

What makes me happy? Knowing that my within-ness, that which makes me breathe and which makes me exist, is pure joy and pure love. When you do a lot of meditation, something opens up within you, and I just feel, practically all the time, this feeling of love and joy and peace.

Of course no one can maintain that 24/7, but I can always come back. If something goes wrong, I can just remind myself of my true nature.

That's beautiful. Thank you so much for opening your home to us.

My pleasure; it's been a joy having you guys. Could I just read you one very short poem? It says …

Be as a Flower

Truth is very simple
A flower does not try to be beautiful.
Its True Nature is Beauty.
Just by its Very Being.

In the same way, when you Awaken
To your true nature,
You will naturally exude Love,
Compassion, Beauty.
It is all you.
For it is your True Self.

(poem by Robert Adams)

TechSoup is proud to support our member, Little Brothers Friends of the Elderly San Francisco, in its mission to spread awareness about and help elders at risk of loneliness and isolation. There are incredible people like Andy all over the world who are at risk of being forgotten. But they should never be. TechSoup provides technology and services to Little Brothers staff members to help run their nonprofit so that they can focus on fighting the effects of elder isolation.

spanhidden

The EU is considering a broader mandate for the EBRD, and its president, Sir Suma Chakrabarti, believes its model would work in sub-Saharan Africa.

Sub-Saharan Africa is the world’s fastest growing mobile phone market, but how can telecoms companies make the most of the huge opportunities the region provides?