Tenable

APRIL 8, 2021

In March 2021, the FBI and CISA observed APT actors scanning and enumerating publicly accessible Fortinet systems over ports 4443, 8443 and 10443. The agencies believe these APT actors are gathering a list of vulnerable systems in both the public and private sectors in preparation for future attacks. CVE-2020-12812.

Authentication 108

Authentication Systems Review Research Groups 108

Tenable

MAY 3, 2020

Salt utilizes a “master” server that controls agents known as “minions" that collect data for the system and carries out tasks. CVE-2020-11651 is an authentication bypass in two methods of the ClearFuncs class. CVE-2020-11652 is a directory traversal security flaw in the “wheel” module that is used to read and write files.

Technical Advisors 104

Technical Advisors Open Source Software Review Systems Review 104

Tenable

SEPTEMBER 10, 2020

PAN-OS devices that have enabled the captive portal or multi-factor authentication features are vulnerable to a critical buffer overflow flaw. On September 9, Palo Alto Networks (PAN) published nine security advisories for a series of vulnerabilities affecting PAN-OS , a custom operating system (OS) found in PAN’s next-generation firewalls.

Software Review 110

Software Review Systems Review Authentication Firewall 110

Tenable

APRIL 12, 2024

Background On April 12, Palo Alto Networks released a security advisory for a critical command injection vulnerability affecting PAN-OS, the custom operating system (OS) Palo Alto Networks (PAN) uses in their next-generation firewalls. Affected Version Hotfix Release Version Expected Release Date PAN-OS 10.2 prior to 10.2.9-h1

Network 119

Network Firewall Software Review Systems Review 119

Tenable

JULY 14, 2020

CVE-2020-6287 is caused by a complete lack of authentication in the SAP NetWeaver AS Java’s LM Configuration Wizard. An attacker could gain access to adm , the operating system user that has “unlimited access to all local resources related to SAP systems.” Publicly accessible NetWeaver AS JAVA systems.

Applications 100

Applications Software Review Systems Review Authentication 100

Tenable

OCTOBER 13, 2020

Microsoft patched 87 CVEs in the October 2020 Patch Tuesday release, including 11 CVEs rated critical. CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability. CVE-2020-16898 , dubbed “Bad Neighbor,” is a critical remote code execution (RCE) vulnerability within the Windows TCP/IP stack.

Windows 105

Windows Software Review Systems Review Advertising 105

Tenable

NOVEMBER 10, 2020

Microsoft patched 112 CVEs in the November 2020 Patch Tuesday release, including 17 CVEs rated as critical. CVE-2020-17087 | Windows Kernel Local Elevation of Privilege Vulnerability. CVE-2020-17087 was used to escape Google Chrome’s sandbox in order to elevate privileges on the exploited system.

Windows 105

Windows Software Review Azure Systems Review 105

Tenable

MARCH 6, 2020

pppd is a daemon on Unix-like operating systems used to manage PPP session establishment and session termination between two nodes. CVE-2020-8597 is a buffer overflow vulnerability in pppd due to a logic flaw in the packet processor of the Extensible Authentication Protocol (EAP). RHSA-2020:0631. RHSA-2020:0630.

Software Review 102

Software Review Systems Review Linux Authentication 102

Tenable

SEPTEMBER 14, 2020

Security researchers reveal how the cryptographic authentication scheme in Netlogon can be exploited to take control of a Windows domain controller (DC). On September 11, researchers at Secura published a blog post for a critical vulnerability they’ve dubbed “Zerologon.” Image source: Secura CVE-2020-1472 Whitepaper. Background.

Windows 115

Windows LAN Backup Authentication 115

Tenable

OCTOBER 2, 2023

This blog post was published on October 2 and reflects VPR at that time. An unauthenticated (or pre-authenticated) attacker could exploit this vulnerability by sending a specially crafted POST request to a vulnerable WS_FTP Server. Critical CVE-2023-42657 WS_FTP Directory Traversal Vulnerability 9.9 WS_FTP Server 2022 2022.0.2

Software Review 121

Software Review Software Systems Review Authentication 121

Tenable

OCTOBER 21, 2020

On October 20, Oracle released the Critical Patch Update (CPU) Advisory for October 2020 , its final quarterly release of security patches for the year. This quarter’s update marks the second-highest count in Oracle CPUs, surpassed only by the July 2020 update which holds the record with over 440 patches. Notable Vulnerabilities.

Systems Review 102

Systems Review Applications Construction Insurance 102

Tenable

OCTOBER 18, 2023

On October 17, Mandiant released a blog post and remediation guidance document where they noted that exploitation of a zero-day vulnerability, later identified as CVE-2023-4966, was observed in late August. Successful exploitation allows the attacker to bypass multifactor authentication (MFA) requirements. and later releases of 13.0

Systems Review 68

Systems Review Software Review Authentication Virtualization 68

Tenable

NOVEMBER 5, 2020

On November 2, researchers at FireEye published a blog post detailing findings from a Mandiant incident response investigation that led to the discovery of an uncharacterized (UNC) group they refer to as UNC1945. On November 4, FireEye published a follow-up blog post providing additional details about the vulnerability. Background.

Authentication 73

Authentication Research Software Review Systems Review 73

Tenable

DECEMBER 8, 2020

The vulnerability was disclosed by the NSA to VMware, which published details in a security advisory, VMSA-2020-0027.2 , on November 23. CVE-2020-4066 is a command injection vulnerability in the administrative configurator component in certain versions of VMware products. Exploiting CVE-2020-4006 to access protected data.

Linux 64

Linux Software Review Systems Review Windows 64

Tenable

APRIL 27, 2020

According to Sophos, they were able to identify “an attack against physical and virtual XG Firewall units” after reviewing the report of a “suspicious field value” in the XG Firewall’s management interface. There was no proof-of-concept (PoC) available for this vulnerability at the time this blog post was published. Proof of concept.

Firewall 101

Firewall WAN Operating System Systems Review 101

Tenable

JULY 6, 2020

Domain Name System (DNS). CVE-2020-5902 is a critical vulnerability in the BIG-IP Traffic Management User Interface (TMUI) also known as the Configuration Utility. The advisory states that the vulnerability could also “result in complete system compromise.”. Ben Goerz (@bengoerz) July 4, 2020. Link Controller.

Software Review 98

Software Review Technical Review Systems Review Research 98

Xebia

DECEMBER 16, 2022

In this blog post, I want to talk about what happened in other parts of the development world in terms of security and how the embedded world can learn from it. There were some common classes of vulnerabilities in the automotive, home connectivity and industrial control system devices. We presented this at ESCAR Europe 2022.

Systems Review 130

Systems Review Software Review Automotive Education 130

Tenable

APRIL 16, 2024

But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. Build system: A system that manages the process of transforming source code into executable binaries or other artifacts. You’re on your own, kid: SLSA is just a blueprint.

Software Review 69

Software Review Software Systems Review Guidelines 69

Tenable

MARCH 11, 2021

F5 releases patches for multiple vulnerabilities in BIG-IP and BIG-IQ, including a critical remote command execution flaw that does not require authentication and is likely to attract exploits in the near future. All four vulnerabilities require an attacker to be authenticated to the vulnerable system in order to exploit these flaws.

Software Review 100

Software Review Systems Review Authentication Policies 100

Infinidat

MARCH 28, 2024

You can find out right now why a slew of Global Fortune 500 enterprises deploy Infinidat enterprise storage solutions, including our award-winning InfiniBox™ SSA II all-flash system, InfiniBox® hybrid, and InfiniGuard®, supported by our unparalleled white glove service. You don’t only have to take our word for it.

Storage 69

Storage Biotech Enterprise Part-Time VPE 69

Tenable

JUNE 2, 2023

In addition to the on-prem version of MOVEit Transfer, Progress Software confirmed in a statement to BleepingComputer that MOVEit cloud was also impacted, adding that it “took immediate action, including bringing down MOVEit Cloud, to ensure the safety of our customers, while we reviewed the severity of the situation.”

Technical Review 94

Technical Review Software Review Systems Review Groups 94

Tenable

APRIL 26, 2024

With v15 we were aiming for the perfect balance of familiar behaviors you’ve probably seen countless times … as well as newer, emerging trends,” reads the blog announcing Version 15 of MITRE ATT&CK, a knowledge base of adversary tactics, techniques and procedures. But the full scope of the data theft won’t be known for a while.

Security 72

Security Cloud Artificial Inteligence Generative AI 72

Tenable

SEPTEMBER 17, 2020

CVE-2020-0688. CVE-2020-5902. This blog post was published on September 17 and reflects VPR at that time. The vulnerabilities in these alerts were disclosed between April 2019 and July 2020. Researchers Alyssa Herrera, Justin Wagner and Mimir published a blog post showing how this process works.

Software Review 102

Software Review Authentication Research Government 102

Tenable

OCTOBER 7, 2022

On October 6, the Cybersecurity and Infrastructure Security Agency (CISA) along with the National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory (CSA), identified as AA22-279A, outlining the top 20 CVEs exploited by the People’s Republic of China (PRC) state-sponsored threat actors since 2020.

WAN 52

WAN Software Review Authentication Systems Review 52

Palo Alto Networks

OCTOBER 21, 2021

financial services firm that relies on a widely used multi-factor authentication (MFA) mobile app to protect access to email, customer files and other sensitive data. He was annoyed by the intrusion, figuring it was some kind of system error, and rejected each request so he could focus on work. The FBI reports that BECs caused $1.87

Software Review 87

Software Review Authentication Systems Review Education 87

Tenable

AUGUST 3, 2023

The joint CSA recognizes this as well, adding that these malicious attackers have targeted “older software vulnerabilities rather than recently disclosed vulnerabilities,” while also highlighting the significance of vulnerabilities in internet-facing systems. This blog post was published on August 3 and reflects VPR at that time.

Authentication 52

Authentication Data Center Software Review Windows 52

Palo Alto Networks

AUGUST 2, 2021

School districts tend to run older equipment and older software, which means that they’re more susceptible to cyberattacks since legacy systems are more difficult to update. From there, use a strong username and password for the password manager itself and make sure to enable two-factor authentication (2FA) as well.

Technical Review 98

Technical Review Authentication Education Software Review 98

Tenable

JULY 22, 2020

On June 19, the Australian Cyber Security Centre (ACSC) published Advisory 2020-008 in response to reports that threat actors were targeting Australian government agencies and companies. Researchers at BishopFox published a blog post in December 2019 on CVE-2019-18935. Background.

WAN 96

WAN Software Review Authentication Government 96

Tenable

SEPTEMBER 7, 2021

This blog post was published on September 7 and reflects VPR at that time. Initial confusion surrounding authentication requirement. On September 2, Censys, a search engine for discovering internet devices, published a blog post analyzing the number of hosts vulnerable to CVE-2021-26084. Image Source: Censys Blog.

Data Center 101

Data Center Software Review Authentication Linux 101

Tenable

SEPTEMBER 22, 2023

Snatch, which appeared in 2018 and was originally known as Team Truniger, uses a ransomware-as-a-service (RaaS) model to operate, and employs a variety of frequently changing methods to breach systems and establish network persistence, the agencies said. “The For example, CISA may add a field for KEVs being used by ransomware actors.

Insurance 70

Insurance Trends IoT Software Review 70

Tenable

JUNE 27, 2023

The increased connections and new systems mean traditionally isolated systems are connected. In this blog post, we look at the true nature of vulnerabilities and their fixes on the shop floor. I bet most of you thought about Windows system patching, maybe CVE or CVSS scores of one flavor or another.

Software Review 53

Software Review Firewall Windows Systems Review 53

Tenable

JULY 12, 2021

Standardized taxonomies have dominated the way cybersecurity professionals describe and talk about systems' security. Common Vulnerabilities and Exposures (CVE) severity scores have become the primary methods of measuring the security of a system and its attack surface. What is an Attack Surface?

Software Review 100

Software Review Systems Review Technical Review Metrics 100

Tenable

SEPTEMBER 30, 2021

Thanks to Satnam Narang from the Security Response Team for his contributions to this blog post. On August 23, UpGuard Research published a blog post detailing its discovery of the exposure of 38 million records across 47 entities via Microsoft Power Apps portals. Two-thirds of cloud breaches were due to misconfigurations.

Software Review 52

Software Review Systems Review Research How To 52

Tenable

NOVEMBER 29, 2022

In this blog, we explore these eight common cloud security concerns: The shared responsibility model. In a previous blog post, Tenable CTO Glen Pendley detailed three key takeaways all infosec leaders should consider about the shared responsibility model to ensure organizations are meeting their security obligations as a part of the model.

Applications 52

Applications Cloud Software Review Systems Review 52

Tenable

FEBRUARY 4, 2021

On January 22, SonicWall published a product notification regarding a “coordinated attack on its internal systems” conducted by “highly sophisticated threat actors.” Warren specifically suggested reviewing log files to identify “anomalous requests” to the vulnerable device. Background. Rich Warren (@buffaloverflow) January 31, 2021.

Mobile 53

Mobile Authentication Technical Review WAN 53

Palo Alto Networks

AUGUST 18, 2021

According to the 2021 Unit 42 Ransomware Threat Report , the healthcare sector was the most targeted vertical for ransomware in 2020. They could not afford to have their systems locked out and thereby would be likely to pay a ransom. healthcare sector in 2020 — a 60 percent increase over the previous year. the previous year.

Healthcare 76

Healthcare Organization Backup Systems Review 76

Tenable

OCTOBER 29, 2021

This blog post will explore tactics and vulnerabilities leveraged by attackers and how they compare to the treats of the season. Multiple reports have shown that attackers of all types have adopted CVE-2020-1472, also known as Zerologon, into their attacks. Attackers have many treats from which to choose when targeting organizations.

SMB 98

SMB Software Review Minimum Viable Product Systems Review 98