article thumbnail

SMBleed (CVE-2020-1206) and SMBLost (CVE-2020-1301) Vulnerabilities Affect Microsoft SMBv3 and SMBv1

Tenable

Three months after an out-of-band patch was released for SMBGhost, aka EternalDarkness (CVE-2020-0796), researchers disclosed two new flaws affecting Microsoft’s Server Message Block (SMB) protocol, including working proof-of-concepts. As a result, Microsoft announced in April 2012 that SMB version 2.2 SMB version 3.1.1

article thumbnail

Cybersecurity Snapshot: Log4j Anniversary, CI/CD Risks, Infostealers, Email Attacks, OT Security

Tenable

Cyber Safety Review Board published a 50-plus page report on the Log4j event, and a key takeaway was that Log4Shell is an “endemic vulnerability” that’ll be around for a decade — or perhaps longer. . Source: Accenture Cyber Threat Intelligence team, December 2022). How long will this Log4Shell problem linger? Back in July, the U.S.

article thumbnail

How Do You Prove Product-Market Fit? A Pop Quiz

Battery Ventures

Product-market fit is particularly essential for enterprise-software companies transitioning from an idea to a minimum viable product (MVP) and beyond. Enterprise software customers usually feel overworked and under-resourced. This is a common problem our team finds during diligence of early-stage companies.