Tenable

NOVEMBER 20, 2023

Background The Tenable Security Response Team has put together this blog to answer frequently Asked Questions (FAQ) regarding a critical vulnerability known as CitrixBleed. High We published a blog post for both vulnerabilities on October 18. Double extortion attacks are what have fueled the success of ransomware over the years.

Technical Advisors 78

Technical Advisors Groups Research Network 78

Xebia

DECEMBER 9, 2023

To understand why, you need to know what the attack vectors of your workflow are and how you can guard yourself against them. To get some understanding of the risk we need to look at the results of an attack on your workflows. The recent Solorigate [4] attack is a prime example of this type of attack.

Software Review 130

Software Review DevOps Examples Engineering 130

Tenable

MARCH 14, 2023

9 Critical 66 Important 1 Moderate 0 Low Update March 14: This blog has been updated to reflect the correct title for CVE-2023-23397 as well as new information from Microsoft regarding the in-the-wild exploitation of this flaw. The attacker can use this hash to authenticate as the victim recipient in an NTLM relay attack.

Windows 98

Windows Operating System Authentication Internet 98

The Crazy Programmer

MARCH 3, 2021

After paying my Spectrum TV bill online, I jumped on to a blog about cybersecurity attacks and the need to take it seriously. Tag along to find that out! Issues such as the end of life of the server or a new ransomware attack require a reevaluation of the risk profile. Okay, cybersecurity is important.

Systems Review 147

Systems Review Guidelines Compliance Firewall 147

Tenable

MAY 18, 2022

In order to exploit this vulnerability, a remote attacker capable of accessing the respective user interface could bypass the authentication for these various products. In order to exploit this vulnerability, an attacker would need to have local access to the vulnerable instances of Workspace ONE Access and Identity Manager.

Authentication 99

Authentication Internet Infrastructure Research 99

Tenable

FEBRUARY 24, 2020

It was discovered and reported by Clément Lecigne, security engineer of Google’s Threat Analysis Group (TAG). We will update this blog post if and when this information becomes available. While this vulnerability has been exploited in the wild, at the time this blog post was published, there was no public proof-of-concept available.

Linux 108

Linux Open Source Analysis Windows 108

Tenable

FEBRUARY 25, 2020

Attackers are probing for vulnerable Microsoft Exchange Servers, as details surrounding a severe flaw were recently made public. The use of static keys could allow an authenticated attacker with any privilege level to send a specially crafted request to a vulnerable ECP and gain SYSTEM level arbitrary code execution. Background.

Authentication 115

Authentication Research Open Source Tools 115

Tenable

JULY 11, 2023

According to researchers at Microsoft, exploitation of CVE-2023-36884 has been attributed to a threat actor known as Storm-0978, also known as DEV-0978 and RomCom, a reference to the backdoor used by the group as part of its attacks. For more information, please refer to Microsoft’s blog post. It was assigned a CVSSv3 score of 8.8

Windows 98

Windows Software Review Systems Review Authentication 98

Tenable

NOVEMBER 8, 2022

MoTW is a security feature used to tag files downloaded from the internet and prevent them from performing certain actions. and require user interaction — an attacker would need to entice a victim into opening the crafted file. successful exploitation would allow an attacker to gain SYSTEM privileges. With a CVSSv3 score of 7.8,

Windows 101

Windows Azure Open Source Policies 101

Tenable

NOVEMBER 2, 2020

A pair of zero-day vulnerabilities in Google Chrome (CVE-2020-15999) and Microsoft Windows (CVE-2020-17087) were chained together and exploited in the wild in targeted attacks. An attacker could exploit the vulnerability by using social engineering to trick a user to visit a malicious website hosting a specially crafted font file.

Windows 102

Windows Technical Review Software Review Systems Review 102

Tenable

FEBRUARY 8, 2023

It’s essential for external attack surface management products to offer users a variety of data-extraction methods so that they can use the data in different scenarios and use cases. Learn how Tenable.asm’s various data-extraction capabilities can help you operationalize your EASM data. That’s how Tenable.asm is designed.

Data 52

Data How To Testing Analysis 52

Tenable

JUNE 8, 2021

It was discovered by researchers at Kaspersky and is associated with a “wave of highly targeted attacks” by a group they call PuzzleMaker. An attacker could use this vulnerability to disclose information from the system, such as kernel addresses. Microsoft notes that this flaw has been actively exploited in the wild as a zero-day.

3D 92

3D Windows Research Trends 92

Lacework

JULY 15, 2022

This blog takes a look at the latter technique in recent cryptojacking activity from a group known as WatchDog. Most leverage the same overarching tactics such as opportunistic attacks and propagation and XMRig installation. Previous blogs about Watchdog attacks report targeting of Chinese network ranges. Malware Details.

Malware 96

Malware Network Storage Groups 96

Palo Alto Networks

JULY 22, 2020

The attack surface is growing, providing lucrative opportunities for those who want to exploit this new norm. Hackers are accelerating their attack campaigns with original and proven techniques – often designed to take advantage of the pandemic. Enterprises want to prevent these attacks and protect their remote workforce.

Machine Learning 63

Machine Learning Artificial Inteligence Enterprise Video 63

Tenable

OCTOBER 15, 2020

This ensures that customers and security vendors are able to clearly understand the impact of the vulnerability and communicate that with others using the industry-standard CVSS metrics, such as Attack Vector (AV) or Exploit Code Maturity (E). Common channels include mailing lists, forum posts, blog posts, indexed HTML pages and APIs. .

Software Review 99

Software Review Technical Review Weak Development Team Metrics 99

Palo Alto Networks

APRIL 22, 2020

Cortex XDR application and agent releases in March and April introduce an amazing array of new features to help your security team identify threats in network traffic, orchestrate response at scale and reduce the attack surface of their endpoints. . MITRE ATT&CK Tagging for Alerts and BIOC Rules. With Cortex XDR agent 7.1

Network 54

Network Windows Firewall Linux 54

Tenable

SEPTEMBER 23, 2019

Zero-day memory corruption vulnerability in Internet Explorer has been observed in attacks in the wild. Exploitation of this vulnerability could result in the attacker gaining arbitrary code execution under the same privileges as the current user. At the time this blog was published, no proof-of-concept (PoC) was available.

Internet 15

Internet Systems Review Software Review Analysis 15

Tenable

MARCH 11, 2024

Connectivity of physical assets— such as heating, ventilation, and air conditioning (HVAC) systems in data centers and office buildings, and cameras on the manufacturing floor – has created an expanding cyberattack surface. To combat these threats, enterprise security organizations must understand the risks to assets in a business context.

IoT 63

IoT Technical Review How To Systems Review 63

Tenable

JANUARY 20, 2020

Zero-day remote code execution vulnerability in Internet Explorer has been observed in attacks. Exploitation of this vulnerability could allow an attacker to corrupt memory and execute arbitrary code with the same level of privileges as the current user. Background.

Internet 19

Internet Windows Quality Assurance System 19

Xebia

APRIL 18, 2023

Depending on the complexity and relationship of topologies, each blog will contain 1 or 2 topologies. Target audience These series of blogs are targeted for readers in any size of company. In this series For the first blog in this series we will focus on two topologies: The most simple of set ups.

Load Balancer 130

Load Balancer Network Firewall Google Cloud 130

Palo Alto Networks

MARCH 10, 2023

Today, customers who want to detect identity-related attacks must rely on disparate, siloed products, such as user and endpoint behavior analytics (UEBA), insider risk management, endpoint-based identity threat detection and response (ITDR), etc. Add new custom alert fields for robust mapping and visibility. Cortex XDR 3.6

Artificial Inteligence 52

Artificial Inteligence Machine Learning Artificial Intelligence Analytics 52

Tenable

SEPTEMBER 17, 2021

This blog post was published on September 17 and reflects VPR at that time. An unauthenticated, remote attacker can exploit this flaw by sending a specially crafted request to a vulnerable over a publicly accessible remote management port (ports 5986, 5985 and 1270). Tags available to all GN users and customers now.

Linux 103

Linux Azure Research Infrastructure 103

Palo Alto Networks

JANUARY 19, 2021

Take it a step further and you can also easily see how attackers might move between the two environments, taking advantage of a policy gap resulting from a lack of visibility and control into one part of the environment, and then start looking for other workloads to compromise.

Firewall 94

Firewall Data Center Policies Virtualization 94

Prisma Clud

JANUARY 31, 2023

The alarming detail is that 99% of those identities had unused privileges, creating a massive attack surface. We’re thrilled to release new enhancements for AWS customers, specifically the integration between Prisma Cloud and AWS IAM Identity Center and new support for AWS tags. Why AWS IAM Identity Center?

AWS 52

AWS Cloud .Net Azure 52

Palo Alto Networks

AUGUST 23, 2021

the third-generation XDR platform that allows security teams to identify and investigate attacks across all endpoint, network, cloud and identity sources from a single console. taking a significant step in our mission to know about and stop all cybersecurity attacks. Announcing Cortex XDR 3.0, Today, we released Cortex XDR 3.0,

Cloud 89

Cloud Machine Learning Artificial Inteligence Analytics 89

CircleCI

AUGUST 26, 2022

Secrets detection needs to take into account this attack surface and scan for incremental changes to the repository to prevent these kinds of leaks. Incidents detected during a historical scan are tagged. Visit the GitGuardian documentation and blog for best practices, cheat sheets, and much more. Want to learn more?

Software Review 122

Software Review Authentication Systems Review Testing 122

Firemon

SEPTEMBER 22, 2020

And all this must happen while defending against an evolving threat landscape and an expanding attack surface. Blind spots open up new attack vectors and opportunities for compliance violations. FireMon Tags. Misconfigurations are the leading cause of breaches , compliance violations, and unplanned downtime.

Policies 98

Policies Agile Network Firewall 98

Prisma Clud

MAY 15, 2023

Top 10 Cloud Security Risks In the recently released Cloud Threat Report, Volume 7: Navigating the Expanding Attack Surface , Unit 42 and Prisma Cloud researchers identify 10 critical risks that require an architectural and operational focus to ensure the detection of advanced threats within cloud environments.

Organization 52

Organization Cloud Policies Serverless 52

Kaseya

APRIL 15, 2020

Just like the coronavirus outbreak, cybersecurity attacks also take place on a global scale and happen every few seconds. Here are the top 10 cybersecurity threats businesses face in 2020: Phishing Attacks. Attackers will alternatively inject malicious code to third-party libraries that users will unwittingly download and execute.

Malware 136

Malware Artificial Inteligence Software Review Systems Review 136