We released five advisories for Xorux XorMon Original and Xorux XorMon Next Generation (NG):
- Xorux XorMon-NG Read Only User Export Device Configuration Exposing Sensitive Information: https://lnkd.in/eEQBmTTq
- Xorux XorMon-NG Web Application Privilege Escalation to Administrator: https://lnkd.in/eyFhm-iq
- Xorux XorMon Original LPAR2RRD Read Only User Denial of Service: https://lnkd.in/eQPdYtsd
- Xorux XorMon Original LPAR2RRD Read Only User Log Download Exposing Sensitive Information: https://lnkd.in/eEm29MsZ
- Xorux XorMon Original LPAR2RRD File Upload Directory Traversal: https://lnkd.in/evTSX4C3
About us
In 2004, we founded KoreLogic to build an IT security company that was respected for the quality of its work and the caliber of our staff. We have stayed true to that. We are grateful to our customers for trusting us to deliver critically important services to them.

Over their careers, KoreLogic staff have served over forty Fortune 500 clients and hundreds of commercial, nonprofit and government clients. We use our offensive testing experience to assess risk, to design and build solutions that help our clients defend their critical assets.

We have won multi-year, multi-million security research projects from DARPA. At DEF CON, we organize the annual Crack Me IF You Can password cracking contest. We have presented at the DEF CON, Black Hat, ShmooCon, Techno-Security, OWASP, and DerbyCon Conferences.

The KoreLogic Team actively pursues the identification of vulnerabilities. Our Vulnerability Disclosure Program was created to responsibly distribute vulnerability information to the public in a controlled manner and follow common industry practices associated with disclosing newly identified vulnerabilities, which are not protected by KoreLogic client confidentiality/non-disclosure agreements. The advisories can be seen here: https://korelogic.com/advisories.html

KoreLogic Security publishes several open-source projects, available at https://git.korelogic.com/ or our github page, https://github.com/KoreLogicSecurity

We are ISO 27001:2022 certified.
- Website: https://korelogic.com/
- Industry: Computer and Network Security
- Company size: 11-50 employees
- Headquarters: Annapolis, MD
- Type: Privately Held
- Founded: 2004
- Specialties: Information Security, Penetration and Application Testing, Applied R & D, Secure Rapid Application Development, Mobile Device Testing, Malware Analysis, Training, Exploit Development, Password Recovery, Windows Domain Password Audits, and Reverse Engineering
Locations
- Primary: 116 Defense Highway, Suite 300A, Annapolis, MD 21401, US
Updates
- We released six advisories for Schneider Electric Data Center Expert today:
  - XML External Entities Injection: https://lnkd.in/dNqaZrqm
  - Unauthenticated Remote Code Execution: https://lnkd.in/dT8iHWqf
  - Root Password Discovery: https://lnkd.in/d7naTNbv
  - Remote Command Execution: https://lnkd.in/dYh9NM-p
  - Privilege Escalation: https://lnkd.in/d7r3bB5z
  - Unauthenticated Server-Side Request Forgery: https://lnkd.in/dQHMkrx7
- KoreLogic reposted this
  Welcoming new Members to our cyber community! 🙌 Being a CREST Member is more than a badge of honour. It is about joining a network of forward-thinking professionals across the globe who are shaping a safer digital future together. Please join us in welcoming our newest Members:
  ➡️ Ampcus Cyber
  ➡️ Anchoram
  ➡️ BSS
  ➡️ Borderless CS
  ➡️ Cloudtrace
  ➡️ Echo Pulse
  ➡️ EliteSec Information Security Consultants, Inc.
  ➡️ Fluid Attacks
  ➡️ Inspira Enterprise
  ➡️ Intigriti
  ➡️ KoreLogic
  ➡️ Laneden Ltd
  ➡️ Ssquad Global
  ➡️ TrustedSec
  ➡️ Zenzero
  Find out about becoming a CREST Member on our website: https://lnkd.in/eE2YQYSZ
- We released three advisories for the Mobile Dynamix PrinterShare Android application:
  - Gmail Oauth Token Disclosure at https://lnkd.in/erAeuGQJ
  - Out-of-bounds Write at https://lnkd.in/eUJE6idv
  - Double-Free Memory Write at https://lnkd.in/e2aMg6n3
- KoreLogic recently attended the “Incident Response Forum Masterclass Conference (April, 2025 – Washington, D.C.)” sponsored by our friends at the Cyber Security Docket. https://lnkd.in/eQCiYcc4

  This conference focuses solely on the field of incident response (IR) and is geared specifically for legal professionals with incident response expertise. This conference is unusual in that the panelists are uniformly best in class and legal IR thought leaders. It benefits those of us in cyber by understanding how attorneys approach IR given their influence during a response. The following takeaways reflect the ideas shared by the panelists. Special thanks to Bruce Carton and John Reed Stark for their hospitality and putting on an amazing conference.

  Some key takeaways that caught our eye:
  1. IR Role(s) of the Board: Their most critical role: ensure that incident root cause analysis is done and corrective action taken.
  2. SolarWinds CISO Personal Cyber-Liability: Periodically review public-facing security statements (e.g., trust center or security statement web pages) to ensure that they are not over-stating security posture or controls.
  3. Data Protection/Compliance: Throughout a response, think “Is our response scope (still) correct? Are we still focused on the right things?”.
  4. Cybersecurity and National Security Forecast: An additional number of, and increased activity by existing, APTs are being observed. Campaigns involving 0-days being used more freely and not being held in reserve. The “Hack Back” concept is resurfacing as a potential deterrent of cybercrime. Attacks on critical infrastructure are moving from pre-positioning to operational disruptions. Triggers for nation-state actors include tariffs, Taiwan, geopolitical and regional tensions, etc.

  Interesting Resources Cited:
  • Data Minimization: A Crucial Pillar of Cyber Security: https://lnkd.in/em-XXPMU
  • CISO Redefined: Navigating C-Suite Perceptions & Expectations: Download here: https://lnkd.in/gpfmzC2Y
  • State by state breach notification law reference: https://lnkd.in/e_8xfkWc
- KoreLogic is a CREST-accredited penetration testing vendor!

  We are proud to announce that KoreLogic has obtained Council of Registered Ethical Security Testers (CREST) Company accreditation! Obtaining this accreditation is a testament to our commitment to excellence in the penetration testing space. This certification not only demonstrates our expertise but also showcases our position as a trusted partner in the industry.

  What does this mean for our clients and potential clients? That KoreLogic has mature, documented processes, service methodologies, and security practices. Our application and supporting evidence were subjected to a detailed review and scrutiny. Much like with our ISO certification, there are periodic reassessments to ensure that we are continually improving and maintaining best practices.