OpenSSL Infinite Loop Vulnerability
The US National Security Agency (NSA) officials have recently discovered a vulnerability in the OpenSSL cryptographic library. This vulnerability can be used to conduct denial-of-service attacks and can be easily weaponized by its potential attackers.
OpenSSL is a popular cryptography library used to encrypt data and verify digital signatures. The bug affects the BN_mod_sqrt() function, which is used to calculate the modular square root and parses certificates that use elliptic curve public key encryption. This vulnerability has been given the identifier CVE-2022-0778.
If an attacker submits a certificate with broken curve parameters, the program will go into an infinite loop and crash. This will cause denial of service.
… Read the rest“Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack,” OpenSSL said in a March 15 security advisory. “The infinite loop
How To Configure Unifi Controller Guest Hotspot With Stripe Payment
In this tutorial you will learn how to configure your Unifi Controller 7.0.22 Guest Hotspot with Stripe Payment. This will come handy if you’re looking to monetize your Public WiFi access.
Before we start make sure you are on Unifi Controller 7.0.22 or later and proceed to adopt all your Unifi devices into your controller. Make sure all firmware is updated as well.
The Tutorial Run Down
- Configure a Guest Network.
- Configure Bandwidth Profile.
- Configure a SSID for a group of access points.
- Configure Guest Hotspot Profile with Stripe Payment.
- Simple way to view Stripe payments.
Let’s start by configuring the Guest Network.
1. Log into your Unifi Controller 7.0.22
2. Once you’re on the dashboard click Settings. 
3. Now locate and click on Networks.
4. Now that you’re on the Networks Section locate and click on Create New Network.
5. For our New Network let’s do … Read the rest
How To Configure Unifi Controller Guest Hotspot With Vouchers
In this tutorial you will learn how to configure your Unifi Controller 7.0.22 Guest Hotspot with Vouchers. This will come handy if you’re a hotel or some type of business looking to control guest access to your Wi-Fi using a finite time-based voucher.
Before we start make sure you are on Unifi Controller 7.0.22 or later and proceed to adopt all your Unifi devices into your controller. Make sure all firmware is updated as well.
The Tutorial Run Down
- Configure a Guest Network.
- Configure Bandwidth Profile.
- Configure a SSID for a group of access points.
- Configure Guest Hotspot Profile with vouchers.
- Simple way to manage vouchers.
Let’s start by configuring the Guest Network.
1. Log into your Unifi Controller 7.0.22
2. Once you’re on the dashboard click Settings.
3. Now locate and click on Networks.
4. Now that you’re on the Networks Section locate and click on Create … Read the rest
APC Smart UPS Zero Day Vulnerability
Three critical Zero Day vulnerabilities have been uncovered in popular uninterruptible power supply APC-SMART UPS devices. They could be exploited and used to bring down infrastructure and even cause physical harm. A malicious actor could exploit these flaws and cause severe service disruptions, data loss, and even lead to a potential injury.
Researchers from Armis Labs recently found a flaw in APC Smart-UPS, which could be catastrophic for millions of businesses around the world. A subsidiary of Schneider Electric, APC is one of the leading suppliers of UPS devices worldwide. These devices are essential for companies that require high availability, such as hospitals. The flaw has been dubbed TLStorm and is a result of an unprotected remote management interface.
Cybersecurity researchers are warning businesses to prepare for digital disasters. There’s a high risk of cyber and physical damage if the vulnerabilities are exploited, according to a report published online on … Read the rest
Top 5 Cybersecurity Predictions For 2022
This is tough to predict however I think we’ll see a lot of interesting developments for 2022. And they’ll be related to all the challenges and problems we’ve seen in the past. Cybersecurity is a long, hard-fought war between cybercriminals and businesses. Who will make the most progress in this domain? I think it’ll be businesses that are able to adapt quickly.
People all over the world are looking forward to the new developments, achievements, and challenges 2022 will present. The increasing number of cyber-attacks worldwide makes people fear that the cybersecurity landscape in 2022 will be even more troubling.
There is no doubt that cybercrime will continue to grow, and businesses must adapt in order to keep their information safe. To reach this goal, it is important to understand what exactly you are up against. Here are the top five cybersecurity predictions for 2022.
Prediction #1: The cyber-attack that
… Read the rest
How To Configure Site to Site VPN On Unifi Controller 7.0.22
In this tutorial you will learn how to configure Unifi UDM PRO Site to Site VPN on Unifi Controller 7.0.22.
A site-to-site virtual private network (VPN) is a connection between two or more networks, such as a corporate network and a branch office network. Many organizations use site-to-site VPNs to leverage an internet connection for private traffic as an alternative to using private MPLS circuits.
Site-to-site VPNs are frequently used by companies with multiple offices in different geographic locations that need to access and use the corporate network on an ongoing basis. With a site-to-site VPN, a company can securely connect its corporate network with its remote offices to communicate and share resources with them as a single network.
Let’s get started.
Make sure you are on Unifi Controller Version 7.0.22. I will be using a Unifi UDM Pro for this configuration.
Step 1: Log into your Main Office Unifi … Read the rest
Your Cyber Defenses Can Always Be Better
Protect your organization from cyber threats with NIST’s Cybersecurity Framework. This customizable tool helps improve your security posture.
In today’s digital age, cybersecurity is more important than ever. The rise of the internet and the increasing reliance on technology has led to a greater need for effective cybersecurity measures. Unfortunately, cyber threats are constantly evolving, making it difficult for businesses and organizations to keep up. This is where the National Institute of Standards and Technology (NIST) comes in. NIST provides a framework that can help businesses and organizations improve their cyber defenses.
What is NIST?
NIST is a non-regulatory agency of the United States Department of Commerce. Its mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology. One of NIST’s key functions is to develop and promote cybersecurity standards and best practices. NIST is a leader in cybersecurity research and development, and its … Read the rest
5 Critical VMware ESXi Vulnerabilities
It has been alerted; five security vulnerabilities could lead to major potential issues for VMware ESXi customers. This includes command execution and DoS. VMware has issued a critical security update to patch its ESXi customers. Exploitation of these vulnerabilities could give hackers access to virtual machine environments.
VMware suggested that patching ESXi servers immediately is your best option, but you could also remove USB controllers from your VMs as a workaround. However, regarding to this advisory “that may be infeasible at scale and does not eliminate the potential threat like patching does.”
Noted Vulnerabilities
- CVE-2021-22040: Use-after-free vulnerability in XHCI USB controller (CVSS 8.4)
- CVE-2021-22041: Double-fetch vulnerability in UHCI USB controller (CVSS 8.4)
- CVE-2021-22042: ESXi ‘settingsd’ unauthorized access vulnerability (CVSS 8.2)
- CVE-2021-22043: ‘ESXi settingsd’ TOCTOU vulnerability (CVSS 8.2)
- CVE-2021-22050: ESXi slow HTTP POST denial of service vulnerability (CVSS 5.3)
VMware has said that there haven’t seen any attacks in the … Read the rest
How To Install LetsEncrypt SSL Certificates On Omada Controller
In this tutorial you will learn how to install LetsEncrypt SSL certificates for your Omada Controller hosted on Ubuntu 20.04.
Introduction
Omada Controller, TP-Link’s management interface for EAP devices, naturally becomes a crucial platform that benefits significantly from enhanced security measures.
In this tutorial, we will guide you through a detailed, step-by-step process of integrating Let’s Encrypt SSL certificates into your Omada Controller setup. Whether you’re a seasoned network administrator or a newbie just dipping your toes into network security, this guide is tailored to provide clarity and simplicity.
Let’s embark on this journey together, ensuring a safer and more secure Omada Controller experience for you!
Step 1: Generate Certificate
- First, install and refresh the core for snap:
snap install core; sudo snap refresh core
- Next, install certbot:
snap install --classic certbot
- Create a symbolic link for certbot:
ln -s /snap/bin/certbot /usr/bin/certbot
- Generate the certificate:
certbot certonly --standalone --preferred-challenges http
How To Configure Unifi Controller 7.0.22 UDM-PRO Security Settings
In this tutorial you will learn how to configure your Unifi Controller 7.0.22 Network Security Settings so you can properly secure your networks. In this tutorial I will be utilizing a Unifi UDM-Pro on controller version 7.0.22.
Key Knowledge
- GeoIP Filtering is a technology that can block web traffic from entire countries, can be an effective way to stop hackers from attacking your business. As the name suggests, it blocks network connections based on geographic location – information it gets based on IP addresses. This can then be used to filter and prevent both outgoing and incoming connections to and from your network.
- An Intrusion Prevention System (IPS) is a type of engine that identifies malicious traffic by checking the signatures. The signatures contain known traffic patterns or instruction sequences used by malware. This type of signature-based engine can only detect anomalies based on known malicious traffic patterns.
- An Intrusion
Loading ...