Tenable

DECEMBER 8, 2020

The final Patch Tuesday of 2020 includes fixes for 58 CVEs, including workaround details for a severe vulnerability in Windows DNS Resolver called SAD DNS. Microsoft patched 58 CVEs in the December 2020 Patch Tuesday release, including 9 CVEs rated as critical. CVE-2020-25705 | Windows DNS Resolver Spoofing Vulnerability.

Software Review 106

Software Review Windows Systems Review Azure 106

Tenable

MARCH 17, 2020

CVE-2020-8467 is a vulnerability in Apex One and OfficeScan in a component of a migration tool. A remote, authenticated attacker could exploit this vulnerability and gain arbitrary code execution on affected Apex One and OfficeScan installations. March 16, 2020: Trend Micro Security Bulletin for Apex One and OfficeScan.

Trends 104

Trends Software Review Systems Review Authentication 104

Tenable

OCTOBER 13, 2020

Microsoft patched 87 CVEs in the October 2020 Patch Tuesday release, including 11 CVEs rated critical. CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability. CVE-2020-16898 , dubbed “Bad Neighbor,” is a critical remote code execution (RCE) vulnerability within the Windows TCP/IP stack.

Windows 104

Windows Software Review Systems Review Advertising 104

Tenable

MAY 3, 2020

CVE-2020-11651 is an authentication bypass in two methods of the ClearFuncs class. The first method, _send_pub(), is unintentionally exposed, allowing an attacker to queue messages on the master server that can be used to cause minion agents to execute arbitrary code. Source code is unaffected. . are vulnerable.

Technical Advisors 104

Technical Advisors Open Source Software Review Systems Review 104

Tenable

APRIL 12, 2024

An unauthenticated, remote attacker could exploit this vulnerability to execute code on an affected firewall with root privileges. While no specific details about these attacks were available at the time this blog was published, researchers at Volexity are credited with discovering the flaw. prior to 10.2.9-h1 h1 PAN-OS 10.2.9-h1

Network 118

Network Firewall Software Review Systems Review 118

Tenable

JULY 14, 2020

SAP NetWeaver is considered the “central foundation for the entire SAP software stack” and allows access to SAP data over Hypertext Transfer Protocol (HTTP). CVE-2020-6287 is caused by a complete lack of authentication in the SAP NetWeaver AS Java’s LM Configuration Wizard. the highest possible CVSS score. Proof of concept.

Applications 99

Applications Software Review Systems Review Authentication 99

Tenable

SEPTEMBER 10, 2020

PAN-OS devices that have enabled the captive portal or multi-factor authentication features are vulnerable to a critical buffer overflow flaw. CVE-2020-2040 is a critical buffer overflow vulnerability in PAN-OS when either the Captive Portal or Multi-Factor Authentication (MFA) feature has been enabled. CVE-2020-2036.

Software Review 109

Software Review Systems Review Authentication Firewall 109

Tenable

MARCH 6, 2020

CVE-2020-8597 is a buffer overflow vulnerability in pppd due to a logic flaw in the packet processor of the Extensible Authentication Protocol (EAP). As pppd works in conjunction with kernel drivers and often runs with high privileges such as system or even root, any code execution could also be run with these same privileges.

Software Review 102

Software Review Systems Review Linux Authentication 102

Tenable

NOVEMBER 10, 2020

Microsoft patched 112 CVEs in the November 2020 Patch Tuesday release, including 17 CVEs rated as critical. CVE-2020-17087 | Windows Kernel Local Elevation of Privilege Vulnerability. CVE-2020-17087 was used to escape Google Chrome’s sandbox in order to elevate privileges on the exploited system.

Windows 105

Windows Software Review Azure Systems Review 105

Tenable

OCTOBER 18, 2023

On October 17, Mandiant released a blog post and remediation guidance document where they noted that exploitation of a zero-day vulnerability, later identified as CVE-2023-4966, was observed in late August. Successful exploitation allows the attacker to bypass multifactor authentication (MFA) requirements. and later releases of 13.0

Systems Review 67

Systems Review Software Review Authentication Virtualization 67

Tenable

NOVEMBER 5, 2020

On November 2, researchers at FireEye published a blog post detailing findings from a Mandiant incident response investigation that led to the discovery of an uncharacterized (UNC) group they refer to as UNC1945. On November 4, FireEye published a follow-up blog post providing additional details about the vulnerability. Background.

Authentication 73

Authentication Research Software Review Systems Review 73

Tenable

JULY 6, 2020

Three days after an advisory was disclosed for a critical remote code execution vulnerability in F5’s BIG-IP, active attempts to exploit vulnerable hosts have been observed in the wild. CVE-2020-5902 is a critical vulnerability in the BIG-IP Traffic Management User Interface (TMUI) also known as the Configuration Utility. Background.

Software Review 98

Software Review Technical Review Systems Review Research 98

Tenable

DECEMBER 8, 2020

The vulnerability was disclosed by the NSA to VMware, which published details in a security advisory, VMSA-2020-0027.2 , on November 23. CVE-2020-4066 is a command injection vulnerability in the administrative configurator component in certain versions of VMware products. Exploiting CVE-2020-4006 to access protected data.

Linux 63

Linux Software Review Systems Review Windows 63

Ivanti

SEPTEMBER 12, 2022

Remote authentication on Shared iPad. MDM administrators can also choose to always enforce remote authentication or to define a grace period before remote authentication is required, providing the flexibility to determine when remote passcode changes take effect on existing cached sign-ins. What else is coming?

Software Review 77

Software Review Authentication Internet Resources 77

Tenable

MARCH 11, 2021

F5 releases patches for multiple vulnerabilities in BIG-IP and BIG-IQ, including a critical remote command execution flaw that does not require authentication and is likely to attract exploits in the near future. All four vulnerabilities require an attacker to be authenticated to the vulnerable system in order to exploit these flaws.

Software Review 99

Software Review Systems Review Authentication Policies 99

Tenable

APRIL 27, 2020

According to Sophos, they were able to identify “an attack against physical and virtual XG Firewall units” after reviewing the report of a “suspicious field value” in the XG Firewall’s management interface. There was no proof-of-concept (PoC) available for this vulnerability at the time this blog post was published. Proof of concept.

Firewall 101

Firewall WAN Operating System Systems Review 101

Xebia

DECEMBER 16, 2022

In this blog post, I want to talk about what happened in other parts of the development world in terms of security and how the embedded world can learn from it. For example, look at how the OWASP Top 10 has changed from 2013 to 2020. The SBOM or Software Bill of Materials discussion connects directly to this issue.

Systems Review 130

Systems Review Software Review Automotive Education 130

Tenable

SEPTEMBER 17, 2020

According to CISA, these foreign threat actors have been leveraging a number of unpatched vulnerabilities across a variety of networking devices and mail server software as part of a concerted effort to breach organizations. CVE-2020-0688. CVE-2020-5902. This blog post was published on September 17 and reflects VPR at that time.

Software Review 102

Software Review Authentication Research Government 102

Palo Alto Networks

OCTOBER 21, 2021

financial services firm that relies on a widely used multi-factor authentication (MFA) mobile app to protect access to email, customer files and other sensitive data. 1, 2020, the average wire fraud attempted was $567,000 and the highest was $6 million. We provide more detail about how to handle legacy authentication below.).

Software Review 87

Software Review Authentication Systems Review Education 87

Tenable

JUNE 2, 2023

Background On May 31, Progress Software Corporation (“Progress Software”), published an advisory for a “critical” vulnerability in MOVEit Transfer, a secure managed file transfer (MFT) software used by a variety of organizations. Successful exploitation would give an attacker access to the underlying MOVEit Transfer instance.

Technical Review 94

Technical Review Software Review Systems Review Groups 94

Tenable

SEPTEMBER 7, 2021

On August 25, Atlassian published a security advisory for a critical vulnerability in its Confluence Server and Data Center software. This blog post was published on September 7 and reflects VPR at that time. Successful exploitation would allow an attacker to execute arbitrary code. Image Source: Censys Blog. Description.

Data Center 101

Data Center Software Review Authentication Linux 101

TechCrunch

JUNE 7, 2021

In a blog post in February 2017 , she described her boss coming on to her in a company chat channel on her first day on the job. Four female engineers spoke with me about their challenges: Tammy Butow, principal software reliability engineer (SRE) at Gremlin. Rona Chong, software engineer at Grove Collaborative.

Engineering 282

Engineering Technical Review Software Review Software Engineering 282

Tenable

JULY 14, 2023

Plus, check out the 25 most dangerous software weaknesses. MCAs (malicious cyber actors) can multiply impacts severalfold by exploiting the source of software deployed to multiple operational environments,” the guide reads. “By These weaknesses lead to serious vulnerabilities in software. Learn about the guidance from the U.S.

Weak Development Team 52

Weak Development Team Software Review Software Technical Review 52

Tenable

AUGUST 3, 2023

The joint CSA recognizes this as well, adding that these malicious attackers have targeted “older software vulnerabilities rather than recently disclosed vulnerabilities,” while also highlighting the significance of vulnerabilities in internet-facing systems. This blog post was published on August 3 and reflects VPR at that time.

Authentication 52

Authentication Data Center Software Review Windows 52

Tenable

OCTOBER 7, 2022

On October 6, the Cybersecurity and Infrastructure Security Agency (CISA) along with the National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory (CSA), identified as AA22-279A, outlining the top 20 CVEs exploited by the People’s Republic of China (PRC) state-sponsored threat actors since 2020.

WAN 52

WAN Software Review Authentication Systems Review 52

Tenable

SEPTEMBER 22, 2023

Furthermore, don’t miss new source-code management tips from the OpenSSF. The purpose of the KEV is simple: while focusing on vulnerabilities that have been exploited isn’t sufficient, it’s absolutely necessary – so let’s start there,” reads CISA’s blog about the KEV milestone. And much more!

Insurance 70

Insurance Trends IoT Software Review 70

Tenable

JULY 22, 2020

Threat actors utilize publicly available proof of concept code and exploit scripts to target unpatched vulnerabilities within organizations and government entities. The advisory states that this threat actor is leveraging public proof of concept (PoC) code as part of their attacks. Background. CVE-2019-0604. Microsoft SharePoint.

WAN 96

WAN Software Review Authentication Government 96

Tenable

APRIL 26, 2024

Recommendations for protecting software development pipelines. With v15 we were aiming for the perfect balance of familiar behaviors you’ve probably seen countless times … as well as newer, emerging trends,” reads the blog announcing Version 15 of MITRE ATT&CK, a knowledge base of adversary tactics, techniques and procedures.

Security 71

Security Cloud Artificial Inteligence Generative AI 71

Tenable

NOVEMBER 29, 2022

In this blog, we explore these eight common cloud security concerns: The shared responsibility model. Software supply-chain attacks through dependency confusion. Software-as-a-service (SaaS)-based application permission management. Cloud service providers do not patch the code when a vulnerability exists. Insecure APIs.

Applications 52

Applications Cloud Software Review Systems Review 52

Palo Alto Networks

AUGUST 2, 2021

School districts tend to run older equipment and older software, which means that they’re more susceptible to cyberattacks since legacy systems are more difficult to update. From there, use a strong username and password for the password manager itself and make sure to enable two-factor authentication (2FA) as well.

Technical Review 98

Technical Review Authentication Education Software Review 98

Tenable

SEPTEMBER 30, 2021

Thanks to Satnam Narang from the Security Response Team for his contributions to this blog post. On August 23, UpGuard Research published a blog post detailing its discovery of the exposure of 38 million records across 47 entities via Microsoft Power Apps portals. Two-thirds of cloud breaches were due to misconfigurations.

Software Review 52

Software Review Systems Review Research How To 52

Tenable

JUNE 27, 2023

In this blog post, we look at the true nature of vulnerabilities and their fixes on the shop floor. Another example of a configuration weakness is the many devices that have no authentication at all when a method is available. You can see we were able to identify CVE-2020-6998 present on a Rockwell controller.

Software Review 53

Software Review Firewall Windows Systems Review 53

Tenable

JULY 30, 2021

Federal Bureau of Investigation (FBI) issued a joint alert identifying the top 10 most commonly exploited software vulnerabilities between 2016-2019. While 30 vulnerabilities are referenced in the alert, one vulnerability (CVE-2018-13379) is listed twice for both 2020 and 2021. and Tenable Lumin. while the VPR score is Critical (9.4)

Software Review 105

Software Review Technical Review Comparison Machine Learning 105

Tenable

OCTOBER 29, 2021

This blog post will explore tactics and vulnerabilities leveraged by attackers and how they compare to the treats of the season. We’ll explore how attackers: achieve initial access, elevate privileges, compromise Active Directory and perform remote code execution. Assorted bag: Initial access. It’s similar with initial access.

SMB 98

SMB Software Review Minimum Viable Product Systems Review 98

Tenable

JULY 12, 2021

This blog post explains what defines an attack surface and presents an example of how Tenable's data allows security professionals to have a more realistic view of their exposure. Cyberthreats do not rely solely on software vulnerabilities. What is an Attack Surface? Attack vectors. Each attack vector will then have a weight.

Software Review 99

Software Review Systems Review Technical Review Metrics 99

Tenable

JANUARY 2, 2020

Cisco kicks off 2020 with 12 CVEs in Cisco Data Center Network Manager, including three critical authentication bypass vulnerabilities. A total of 12 vulnerabilities were found and reported to Cisco, 11 of which were discovered by Steven Seeley of Source Incite. (@steventseeley) January 2, 2020. steventseeley) January 2, 2020.

Data Center 19

Data Center Authentication Software Review Network 19

Tenable

FEBRUARY 4, 2021

Warren specifically suggested reviewing log files to identify “anomalous requests” to the vulnerable device. Look for anomalous requests to: /cgi-bin/management That do not also have a preliminary request to: /__api__/v1/logon (200) /__api__/v1/logon/ /authenticate Indicating auth bypass. Rich Warren (@buffaloverflow) January 31, 2021.

Mobile 53

Mobile Authentication Technical Review WAN 53