Tenable

JANUARY 10, 2024

Two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure have been exploited in the wild, with at least one attack attributed to nation-state actors. Background On January 10, Ivanti released a security advisory for two zero-day vulnerabilities that were exploited in-the-wild in limited, targeted attacks.

Policies 71

Policies Authentication Analysis Network 71

Tenable

JANUARY 16, 2024

Analysis CVE-2023-6548 is a RCE vulnerability in the NetScaler ADC and Gateway appliances. An authenticated attacker with low level privileges could exploit this vulnerability if they are able to access NetScaler IP (NSIP), Subnet IP (SNIP), or cluster management IP (CLIP) with access to the appliance’s management interface.

Authentication 116

Authentication Network Internet Virtualization 116

Tenable

JANUARY 23, 2024

CVE Description CVSSv3 CVE-2024-0204 Fortra GoAnywhere MFT Authentication Bypass Vulnerability 9.8 According to the advisory, it was discovered on December 1, 2023. Its discovery is credited to security researchers Mohammed Eldeeb and Islam R Alater. ai published a blog post analyzing CVE-2024-0204.

Authentication 62

Authentication Research Groups Analysis 62

Tenable

SEPTEMBER 11, 2023

Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances with VPN functionality enabled. This blog post was published on September XX and reflects VPR at that time.

Groups 118

Groups Report Authentication Software Review 118

CircleCI

JANUARY 13, 2023

On January 4, 2023, we alerted customers to a security incident. Today, we want to share with you what happened, what we’ve learned, and what our plans are to continuously improve our security posture for the future. Security best practices. On January 5, 2023, at 03:26 UTC, we revoked all Project API Tokens.

Report 145

Report Systems Review Malware Software Review 145

Tenable

OCTOBER 10, 2023

We omitted CVE-2023-44487 from our counts as this vulnerability was reported to MITRE and not Microsoft and does not exclusively affect Microsoft products. It was exploited in the wild as a zero-day and was publicly disclosed prior to the October 2023 Patch Tuesday release. Details about this flaw are included in our analysis below.

Windows 114

Windows Software Review Azure Systems Review 114

Tenable

DECEMBER 6, 2023

Tenable Research has published two blogs on CitrixBleed, our initial analysis of the vulnerability as well as a Frequently Asked Questions (FAQ) blog providing added context surrounding the in-the-wild exploitation by threat actors including multiple ransomware groups. ransomware group in their exploitation of CitrixBleed.

Systems Review 73

Systems Review Authentication Analysis Malware 73

Tenable

APRIL 12, 2024

Plus, a new survey shows cybersecurity pros are guardedly optimistic about AI. And the NSA is sharing best practices for data security. Cybersecurity and Infrastructure Security Agency (CISA) in its Emergency Directive 24-02 , sent to federal civilian agencies last week and made public this week. And much more!

Generative AI 116

Generative AI Malware Trends Government 116

Tenable

OCTOBER 2, 2023

Progress Software patches multiple flaws in its WS_FTP Server product, including a pair of critical flaws, one with a maximum CVSS rating of 10 Background On September 27, Progress Software published an advisory for WinSock File Transfer Protocol or WS_FTP Server , a secure file transfer solution, addressing eight vulnerabilities.

Software Review 121

Software Review Software Systems Review Authentication 121

Tenable

SEPTEMBER 15, 2023

Tasked with securing your org’s new AI systems? Plus, open source security experts huddled at a conference this week – find out what they talked about. That’s the topic of the paper “ Securing AI: Similar or Different? published by Google’s Cybersecurity Action Team. ” published by Google’s Cybersecurity Action Team.

Open Source 113

Open Source Systems Review System Software Review 113

Tenable

OCTOBER 6, 2023

A SANS Institute survey found that budgets for ICS/OT security have shrunk, and advises on how to do more with less. In addition, CISA’s Cybersecurity Awareness Month campaign challenges tech vendors to build safer products. For more information about ICS/OT security, check out these Tenable blogs and videos: “ Three U.S.

Budget 65

Budget Report Survey Open Source 65

Tenable

MARCH 14, 2024

CVE Description CVSSv3 Severity CVE-2023-48788 Critical SQL Injection Vulnerability (or Improper neutralization of special elements in an SQL command) 9.3 Critical At the time this blog was published, Fortinet’s advisory assigned a CVSSv3 score of 9.3 and also links to an advisory that is not currently available.

Software Review 66

Software Review Systems Review Authentication Infrastructure 66

Tenable

NOVEMBER 24, 2023

Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. government will evaluate the security practices of its software vendors – and offer your two cents. In addition, there’s a new zero trust certification.

Software Review 70

Software Review Software Insurance Software Development 70

Tenable

JANUARY 31, 2024

Frequently asked questions for four CVEs affecting Ivanti Connect Secure and Policy Secure Gateways, with three of the vulnerabilities having been exploited in the wild as zero-days. Released January 10 CVE-2024-21887 Ivanti Connect Secure and Ivanti Policy Secure Command Injection Vulnerability 9.1

Policies 62

Policies Malware Authentication Software Review 62

Tenable

JUNE 12, 2023

CVE-2023-27997: Heap-Based Buffer Overflow in Fortinet FortiOS and FortiProxy SSL-VPN (XORtigate) Fortinet says a critical flaw in its SSL-VPN product may have been exploited in the wild in a limited number of cases. High CVE-2023-29180 FortiOS Null pointer de-reference in SSLVPNd 7.3 Patch your #Fortigate. Details at a later time.

Firewall 102

Firewall Authentication Research Groups 102

Tenable

DECEMBER 12, 2023

4 Critical 29 Important 0 Moderate 0 Low Microsoft addresses 33 CVEs in its December 2023 Patch Tuesday release, with no zero-day vulnerabilities disclosed this month. Microsoft patched 33 CVEs in its December 2023 Patch Tuesday release, with four rated critical and 29 rated as important. It was assigned a CVSSv3 score of 9.6

Windows 112

Windows Software Review Azure Internet 112

Tenable

JULY 25, 2023

CVE Description CVSSv3 Severity CVE-2023-35078 Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability 10.0 Analysis CVE-2023-35078 is an authentication bypass vulnerability in Ivanti’s EPMM. Analysis CVE-2023-35078 is an authentication bypass vulnerability in Ivanti’s EPMM. less than 10).”

Mobile 98

Mobile Knowledge Base Authentication Government 98

Tenable

AUGUST 22, 2023

CVE Description CVSSv3 Severity CVE-2023-38035 Ivanti Sentry API Authentication Bypass Vulnerability 9.8 Critical Disclosure of this vulnerability is credited to researchers at mnemonic, which published its own blog post about the discovery. Just like CVE-2023-38035, its discovery is also credited to researchers at mnemonic.

Authentication 52

Authentication Knowledge Base Firewall Mobile 52

Synopsys

MAY 8, 2023

CVE-2023-25828 vulnerability; history, mitigation analysis, and everything you need to know about the remote code execution (RCE) vulnerability in Pluck CMS. Summary CVE-2023-25828, tracked in the Black Duck KnowledgeBase™ as BDSA-2023-0370, is an authenticated remote code execution vulnerability in Pluck CMS.

Software Review 93

Software Review PHP Systems Review Authentication 93

Tenable

AUGUST 8, 2023

Microsoft also released two advisories (ADV230003 and ADV230004) this month as well as a patch for a vulnerability in AMD processors (CVE-2023-20569). Important CVE-2023-38180 |.NET NET and Visual Studio Denial of Service Vulnerability CVE-2023-38180 is a Denial of Service (DoS) vulnerability in Microsoft Visual Studio,NET versions 6.0

Windows 98

Windows Software Review .Net Azure 98

Tenable

MARCH 14, 2023

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397) Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed. This CVE count includes two CVEs (CVE-2023-1017 and CVE-2023-1018) in the third party Trusted Platform Module (TPM2.0)

Windows 98

Windows Operating System Authentication Internet 98

Tenable

JANUARY 12, 2024

Check out expert recommendations for deploying AI tools securely. 1 - How to ensure AI helps, not hurts, cybersecurity How can organizations use artificial intelligence (AI) in a way that’s safe and that benefits cybersecurity? In addition, cyber insurance demand is forecast to grow robustly. And much more!

Systems Review 71

Systems Review System Technical Review Development Team Review 71

Tenable

FEBRUARY 14, 2023

Microsoft’s February 2023 Patch Tuesday Addresses 75 CVEs (CVE-2023-23376) Microsoft addresses 75 CVEs including three zero-day vulnerabilities that were exploited in the wild. CVE-2022-24521 was disclosed to Microsoft by the National Security Agency and CrowdStrike, and patched in Microsoft April Patch Tuesday.

Windows 99

Windows Azure Authentication Policies 99

Tenable

OCTOBER 16, 2023

CVE-2023-20198: Zero-Day Vulnerability in Cisco IOS XE Exploited in the Wild A maximum severity CVSS 10 zero-day vulnerability in Cisco IOS XE has been exploited in the wild. Analysis CVE-2023-20198 is a privilege escalation vulnerability affecting Cisco IOS XE software, receiving the highest possible CVSS score of 10.

Software Review 109

Software Review Systems Review Authentication Transportation 109

Tenable

FEBRUARY 9, 2024

Critical FG-IR-24-029 CVE-2023-47537 Fortinet FortiOS Improper Certificate Validation Vulnerability 4.4 Medium FG-IR-23-301 CVE-2023-44487 Fortinet FortiOS and FortiProxy HTTP/2 Rapid Reset Vulnerability 5.3 CVE Description CVSSv3 Severity CVE-2024-21762 Fortinet FortiOS Out-of-bound Write Vulnerability in sslvpnd 9.6

Malware 121

Malware Authentication Infrastructure Analysis 121

CIO

NOVEMBER 8, 2023

It is estimated by the end of 2023, 31% of organizations expect to run 75% of their workloads 2 in the cloud. However, it has also introduced new security challenges, specifically related to cloud infrastructure and connectivity between workloads as organizations have limited control over those connectivity and communications.

Cloud 338

Cloud Spyware AWS Malware 338

Tenable

MARCH 1, 2024

Check out what’s new in NIST’s makeover of its Cybersecurity Framework. Also, how to assess the cybersecurity capabilities of a generative AI LLM. 1 - NIST’s Cybersecurity Framework 2.0 1 - NIST’s Cybersecurity Framework 2.0 The Cybersecurity Framework at 10.and And the most prevalent malware in Q4. And much more!

Artificial Inteligence 73

Artificial Inteligence Malware Generative AI Government 73

Tenable

NOVEMBER 4, 2022

Get the latest on salary trends for CISOs and cybersecurity pros; CISA’s call for adopting phishing-resistant MFA; the White House’s ransomware summit; and more! and Canada improved this year compared with 2021 as employers paid up to retain their cybersecurity chiefs amidst a shortage of qualified candidates for these jobs.

Trends 102

Trends Authentication Recruiting Banking 102

Tenable

NOVEMBER 14, 2023

3 Critical 54 Important 0 Moderate 0 Low Update November 14: This blog has been updated to note the availability of fixes for Windows and Windows Server for CVE-2023-38545, a heap buffer overflow vulnerability in curl. Successful exploitation would result in a bypass of the security checks in Windows Defender SmartScreen.

Windows 69

Windows Systems Review Software Review .Net 69

Tenable

JULY 11, 2023

Microsoft’s July 2023 Patch Tuesday Addresses 130 CVEs (CVE-2023-36884) Microsoft addresses 130 CVEs including five that were exploited in the wild as zero-day vulnerabilities and guidance on the malicious use of Microsoft signed drivers. Exploitation of CVE-2023-36884 began in June 2023.

Windows 98

Windows Software Review Systems Review Authentication 98

Tenable

NOVEMBER 25, 2022

Get the latest on the Hive RaaS threat; the importance of metrics and risk analysis; cloud security’s top threats; supply chain security advice for software buyers; and more! . Understanding the Ransomware Ecosystem: From Screen Lockers to Multimillion-Dollar Criminal Enterprise ” (Tenable blog). What would this look like?

Metrics 52

Metrics Cloud Backup Software Review 52

Tenable

DECEMBER 9, 2022

It was at around this time last year that the discovery of the zero-day Log4Shell vulnerability in the ubiquitous Log4j open source component sent shockwaves through the worlds of IT and cybersecurity. . To get all the details, read the blog “ Are You Ready for the Next Log4Shell? 2 - OWASP’s top 10 CI/CD security risks.

Software Review 52

Software Review SMB Malware Development Team Review 52

Tenable

NOVEMBER 20, 2023

Background The Tenable Security Response Team has put together this blog to answer frequently Asked Questions (FAQ) regarding a critical vulnerability known as CitrixBleed. A logo for CitrixBleed was created by security researcher Kevin Beaumont. Critical CVE-2023-4967 Citrix NetScaler ADC and Gateway DoS Vulnerability 8.2

Technical Advisors 78

Technical Advisors Groups Research Network 78

Prisma Clud

NOVEMBER 17, 2023

In the dynamic realm of cybersecurity, certain vulnerabilities capture more attention than others. One such flaw is CVE-2023-22515, which affects the Confluence Data Center and Server. In this blog post, we break down the specifics of CVE-2023-22515, its consequences, and the best ways to safeguard against it.

Data Center 52

Data Center Data Cloud Authentication 52

Tenable

OCTOBER 14, 2022

14 | DevOps team culture is key for supply chain security | SecOps gets more challenging as attack surface expands | Weak credentials hurt cloud security | Incident responders grapple with stress | Security spending grows | And much more! . Topics that are top of mind for the week ending Oct.

Security 52

Security Weak Development Team Retail Software Review 52

Ivanti

JULY 11, 2023

What to expect in July 2023’s updates for Kerberos and Netlogon vulnerabilities Microsoft outlined a phased rollout of enforcement for both vulnerabilities, due to the fact that they are changing some core behaviors in two commonly used authentication mechanisms. For July, Microsoft is stepping up to full enforcement.

Software Review 84

Software Review Windows Systems Review Report 84

Ivanti

SEPTEMBER 1, 2023

According to Ivanti’s 2023 Press Reset cybersecurity report , over 50% of surveyed security professionals said their organizations hadn’t experienced a phishing incident in the last 24-months – despite virtually every organization getting phished in 2022! Ultimately, AJ emphasized, "Security is a mindset; it's a culture.

Security 87

Security ChatGPT How To Generative AI 87