Tenable

MARCH 14, 2024

Fortinet warns of a critical SQL Injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code on vulnerable FortiClientEMS software. Critical At the time this blog was published, Fortinet’s advisory assigned a CVSSv3 score of 9.3 IOCs, POC, and deep-dive blog to be released next week.

Software Review 66

Software Review Systems Review Authentication Infrastructure 66

Honeycomb

OCTOBER 26, 2023

This blog will walk you through building out different prompts, exploring the outputs, and optimizing them for better results. Building our first prompt We have a list of products, and behind the scenes, each product has tags to describe it. We are lucky that so far, our LLM is returning tags in CSV format for our code to use.

Artificial Inteligence 109

Artificial Inteligence Engineering Examples Metrics 109

Xebia

DECEMBER 9, 2023

To understand why, you need to know what the attack vectors of your workflow are and how you can guard yourself against them. To get some understanding of the risk we need to look at the results of an attack on your workflows. The recent Solorigate [4] attack is a prime example of this type of attack.

Software Review 130

Software Review DevOps Examples Engineering 130

Tenable

APRIL 12, 2024

The attack against Microsoft began in November 2023, when Midnight Blizzard – also known as Nobelium, Cozy Bear and APT29 – compromised a legacy, non-production test account that lacked multi-factor authentication protection. While 34% said AI will help security teams more than attackers, 31% opined that it will benefit both groups equally.

Generative AI 115

Generative AI Malware Trends Government 115

Tenable

NOVEMBER 20, 2023

Background The Tenable Security Response Team has put together this blog to answer frequently Asked Questions (FAQ) regarding a critical vulnerability known as CitrixBleed. High We published a blog post for both vulnerabilities on October 18. Double extortion attacks are what have fueled the success of ransomware over the years.

Technical Advisors 78

Technical Advisors Groups Research Network 78

Tenable

DECEMBER 10, 2021

Attackers have begun actively scanning for and attempting to exploit the flaw. An unauthenticated, remote attacker could exploit this flaw by sending a specially crafted request to a server running a vulnerable version of log4j. Query our API for "tags=CVE-2021-44228" for source IP addresses and other IOCs. Background.

Applications 142

Applications Research Report Games 142

Tenable

MARCH 14, 2023

9 Critical 66 Important 1 Moderate 0 Low Update March 14: This blog has been updated to reflect the correct title for CVE-2023-23397 as well as new information from Microsoft regarding the in-the-wild exploitation of this flaw. The attacker can use this hash to authenticate as the victim recipient in an NTLM relay attack.

Windows 98

Windows Operating System Authentication Internet 98

Ivanti

APRIL 9, 2024

For more information on updates, see the blog update and security advisory. No new CVEs include disclosed or exploited tags this month. The recently updated CVE ( CVE-2023-24932 ) was the only CVE to include exploited or disclosed tags. The updates resolve four CVEs. For more details see Apple’s Security Releases page.

Windows 79

Windows Azure Systems Review .Net 79

Tenable

MARCH 25, 2024

Like so many other complex technological systems, OT systems in the DoD’s fleet and transportation systems are vulnerable to attacks from bad actors. In this blog post, we’ll outline the challenges involved in protecting the DoD’s transportation systems from cyberattacks, and offer OT security recommendations.

Transportation 67

Transportation Network System Infrastructure 67

Xebia

JUNE 19, 2023

Introduction Welcome to part three of the blog series about Application Security Testing. In this blog we are going to learn about Interactive Application Security Testing (IAST). We will look at their SCA solution in a later blog. The library findings will be discussed in the next blog. Click on “Vulnerabilities”.

Applications 130

Applications Testing How To Tools 130

Tenable

MAY 18, 2022

In order to exploit this vulnerability, a remote attacker capable of accessing the respective user interface could bypass the authentication for these various products. In order to exploit this vulnerability, an attacker would need to have local access to the vulnerable instances of Workspace ONE Access and Identity Manager.

Authentication 99

Authentication Internet Infrastructure Research 99

Tenable

FEBRUARY 25, 2020

Attackers are probing for vulnerable Microsoft Exchange Servers, as details surrounding a severe flaw were recently made public. The use of static keys could allow an authenticated attacker with any privilege level to send a specially crafted request to a vulnerable ECP and gain SYSTEM level arbitrary code execution. Background.

Authentication 115

Authentication Research Open Source Tools 115

Tenable

JULY 11, 2023

According to researchers at Microsoft, exploitation of CVE-2023-36884 has been attributed to a threat actor known as Storm-0978, also known as DEV-0978 and RomCom, a reference to the backdoor used by the group as part of its attacks. For more information, please refer to Microsoft’s blog post. It was assigned a CVSSv3 score of 8.8

Windows 98

Windows Software Review Systems Review Authentication 98

The Crazy Programmer

MARCH 3, 2021

After paying my Spectrum TV bill online, I jumped on to a blog about cybersecurity attacks and the need to take it seriously. Tag along to find that out! Issues such as the end of life of the server or a new ransomware attack require a reevaluation of the risk profile. Okay, cybersecurity is important.

Systems Review 147

Systems Review Guidelines Compliance Firewall 147

The Parallax

MAY 15, 2018

New security research referred to as EFail highlights two kinds of attacks against emails protected with OpenPGP, a variant of PGP that serves as email clients’ primary encryption protocol, and S/MIME. Direct exfiltration, the first type of attack the report details, affects Apple Mail, iOS Mail, and Mozilla Thunderbird.

Research 185

Research Report Exercises Testing 185

Tenable

FEBRUARY 24, 2020

It was discovered and reported by Clément Lecigne, security engineer of Google’s Threat Analysis Group (TAG). We will update this blog post if and when this information becomes available. While this vulnerability has been exploited in the wild, at the time this blog post was published, there was no public proof-of-concept available.

Linux 108

Linux Open Source Analysis Windows 108

Tenable

APRIL 16, 2024

But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. Supply chain attack: An attack that targets vulnerabilities in the software supply chain. Source code: Human-readable text written in a programming language.

Software Review 69

Software Review Software Systems Review Guidelines 69

Tenable

NOVEMBER 2, 2020

A pair of zero-day vulnerabilities in Google Chrome (CVE-2020-15999) and Microsoft Windows (CVE-2020-17087) were chained together and exploited in the wild in targeted attacks. An attacker could exploit the vulnerability by using social engineering to trick a user to visit a malicious website hosting a specially crafted font file.

Windows 102

Windows Technical Review Software Review Systems Review 102

Tenable

NOVEMBER 8, 2022

MoTW is a security feature used to tag files downloaded from the internet and prevent them from performing certain actions. and require user interaction — an attacker would need to entice a victim into opening the crafted file. successful exploitation would allow an attacker to gain SYSTEM privileges. With a CVSSv3 score of 7.8,

Windows 101

Windows Azure Open Source Policies 101

Palo Alto Networks

JULY 25, 2023

To thwart attacks from both internal attendees and external actors, Black Hat partners with a select group of cybersecurity organizations. For example, Black Hat features some of the top training in the world with students eager to try out the latest attack techniques on live targets. A view of the NOC.

Network 52

Network Firewall Conference LAN 52

Tenable

JUNE 8, 2021

It was discovered by researchers at Kaspersky and is associated with a “wave of highly targeted attacks” by a group they call PuzzleMaker. An attacker could use this vulnerability to disclose information from the system, such as kernel addresses. Microsoft notes that this flaw has been actively exploited in the wild as a zero-day.

3D 92

3D Windows Research Trends 92

Lacework

JULY 15, 2022

This blog takes a look at the latter technique in recent cryptojacking activity from a group known as WatchDog. Most leverage the same overarching tactics such as opportunistic attacks and propagation and XMRig installation. Previous blogs about Watchdog attacks report targeting of Chinese network ranges. Malware Details.

Malware 96

Malware Network Storage Groups 96

Palo Alto Networks

JULY 22, 2020

The attack surface is growing, providing lucrative opportunities for those who want to exploit this new norm. Hackers are accelerating their attack campaigns with original and proven techniques – often designed to take advantage of the pandemic. Enterprises want to prevent these attacks and protect their remote workforce.

Machine Learning 63

Machine Learning Artificial Inteligence Enterprise Video 63

LaunchDarkly

JANUARY 22, 2020

In this blog post, we’re going to cover a method to reduce your risk exposure by leveraging feature flags and your existing bug bounty program. Our goal is to catch and patch more bugs before attackers have a chance to find them. * * *. The internet has become a very hostile place. The application security funnel.

Programming 98

Programming SDLC Research Policies 98

The Accidental Successful CIO

AUGUST 9, 2023

They could also send you insider details about service providers like your health-insurance company, so they can launch a ransomware attack. Don’t tag images. They can also search on Twitter for tags like “#LifeAtCompanyX” to get intel on you or your business. And so on it goes. The consequences can, of course, be alarming.

Media 52

Media Social Hotels Network 52

Tenable

OCTOBER 15, 2020

This ensures that customers and security vendors are able to clearly understand the impact of the vulnerability and communicate that with others using the industry-standard CVSS metrics, such as Attack Vector (AV) or Exploit Code Maturity (E). Common channels include mailing lists, forum posts, blog posts, indexed HTML pages and APIs. .

Software Review 99

Software Review Technical Review Weak Development Team Metrics 99

Palo Alto Networks

APRIL 22, 2020

Cortex XDR application and agent releases in March and April introduce an amazing array of new features to help your security team identify threats in network traffic, orchestrate response at scale and reduce the attack surface of their endpoints. . MITRE ATT&CK Tagging for Alerts and BIOC Rules. Enhanced Network Visibility .

Network 53

Network Windows Firewall Linux 53

Tenable

JULY 12, 2023

An attacker could exploit this vulnerability to gain RCE on a vulnerable module by sending specially crafted common industrial protocol (CIP) messages. An attacker could exploit this vulnerability to cause a DoS condition on a target system by sending specially crafted CIP messages to a vulnerable device.

Systems Review 52

Systems Review Network Technical Review Software Review 52

Tenable

FEBRUARY 8, 2023

It’s essential for external attack surface management products to offer users a variety of data-extraction methods so that they can use the data in different scenarios and use cases. That’s understandable because an external attack surface management (EASM) tool should be treated more like a data pipeline in a security management process.

Data 52

Data How To Testing Analysis 52

Palo Alto Networks

MAY 1, 2019

Everyone knows that in order for a news article, blog post or white paper to have any credibility, a writer needs to cover the “who, what, where, when, why and how” of the topic. This means that attackers can no longer use a generic application, such as web services (HTTP/HTTPS), to bypass the security control.

Technical Review 78

Technical Review Firewall Policies Systems Review 78

Linux Academy

MAY 31, 2019

Monitoring Changes to Identify Attackers or Rogue Employees. Once we’ve deployed these devices, we need to monitor for unauthorized changes that could indicate an attack. These tools provide reporting on changes to the operating system — but come with a price tag. How do we do this kind of monitoring?

Backup 92

Backup Linux Systems Review Operating System 92

Linux Academy

MARCH 25, 2019

Yes, we know the dangers that exist, such as rogue DHCP servers or “drop boxes” that attackers leave behind to gain a foothold inside your network. If you have a virtual environment and are using VLAN tagging in your virtual setup, this is not a problem. If you want to put this on a physical box, though, it’s a bit more challenging.

Network 96

Network Infrastructure Linux Open Source 96

Palo Alto Networks

MARCH 13, 2020

On March 17, our webinar “ Leverage Your Firewall to Expose Attackers Hiding in Your Network ” webinar will share tips on using Cortex XDR to discover network threats. These analysts are called Unit 42: the global threat intelligence team at Palo Alto Networks that is renowned for their work to hunt, catch and tag threats.

Artificial Inteligence 60

Artificial Inteligence Malware Artificial Intelligence SMB 60

Tenable

NOVEMBER 18, 2021

Learn how SSRF flaws arise, why three common attack paths are so challenging to mitigate and how Tenable.io An SSRF can be used by an attacker to access internal services that may be sensitive or to retrieve resources such as configuration files containing credentials and other secrets. Three common attack paths for SSRF exploits.

Applications 52

Applications AWS Network Examples 52

Strategy Driven

MARCH 13, 2023

In this blog post, we will explore why hiring a professional web designer is important and how they can help you create a website that will stand out in the competitive online world. This includes optimizing the title tags, header tags, meta descriptions, and content to ensure they include relevant keywords and are structured correctly.

Mobile 46

Mobile Engineering Firewall Backup 46

Palo Alto Networks

JUNE 25, 2021

This is the first of a two-part blog series, breaking down the cost of dealing with a cybersecurity incident versus the cost of investing to prevent an incident. declaring that yet another organization has fallen victim to a cybersecurity attack. declaring that yet another organization has fallen victim to a cybersecurity attack.

Small Business 52

Small Business Compliance Report Resources 52

Zensar

MARCH 5, 2020

This blog talks about the top 3 key areas that form the basis of any successful ERP migration: Choosing the right cloud platform and services Building a risk-free migration plan Monitoring and optimization. Security Posture analysis and improvement plan. OEM Cloud (Oracle Enterprise Manager Cloud) 13c for managing cloud operations.

Infrastructure 45

Infrastructure Cloud Disaster Recovery Hardware 45