Microsoft Domain Controller “ZeroLogon” VulnerabilityA recent disclosure by Dutch security firm Secura B.V. has highlighted how dangerous a Netlogon vulnerability (CVE-2020-1472) included in the August 2020 Patch Tuesday release can be to a network. To exploit this vulnerability, an attacker with an established foothold in an internal network could exploit the weak cryptographic algorithm used by...

In the battle against cyber adversaries, IT security professionals have to carefully balance competing objectives; protecting business assets and processes while enabling legitimate business operations and initiatives. Maximizing both objectives is challenging, especially in a highly competitive and digitally connected business environment. Far too frequently, sacrifices in cyber defenses and...

Slack Desktop Application Remote Code Execution (RCE) Vulnerability A RCE flaw was disclosed on August 31st, 2020, which affects the users of the Windows, Mac OS, and Linux desktop application versions of Slack. Users that click on an HTML injected image, will be redirected to an attacker’s server where a malicious javascript payload will be executed within the Slack application on their local...

While pen testing has been around since the 1960s, not all organizations have yet perfected the art of conducting them. In fact, not all companies are taking advantage of them, but that’s a conversation for another time.Below are a few common pitfalls that even experienced security teams fall victim to from time to time.Wrong FrequencyPenetration tests evaluate your security posture at the moment...

With the increased normalization of remote work, many organizations are dealing with an attack surface that has expanded beyond traditional network bounds. A new imperative exists for IT and security teams to adopt broader work-from-home security practices. This includes updating vulnerability scanning and management strategies to monitor both remote endpoints and network assets effectively. A...

“BootHole” GRUB2 Bootloader Secure Boot BypassAs of July 29th, a buffer overflow vulnerability has been disclosed in the way that GRUB2 parses its configuration file, grub.cfg that can lead to full control over an affected system before OS boot. This bypass vulnerability has been assigned CVE-2020-10713. GRUB2 is utilized on almost all modern Linux systems, Windows systems since 2012 that...

On June 30th 2020, F5 disclosed a Remote Code Execution (RCE) (CVE-2020-5902) vulnerability in their Traffic Management User Interface (TMUI), also referred to as the Configuration Utility. The directory traversal vulnerability can allow execution of system commands, as well as reading and writing of files and execution of arbitrary Java code. This vulnerability has a CVSSv3 base score of 9.8. ...

CVE-2020-2021 Palo Alto Networks PAN-OSA critical severity authentication bypass vulnerability in certain configurations of Palo Alto Networks PAN-OS devices using Security Assertion Markup Language (SAML) authentication.On June 29, 2020, Palo Alto issued a security advisory for PAN-OS versions with SAML authentication enabled and the 'Validate Identity Provider Certificate' option disabled ...

Ripple20As of June 16th 2020, a total of 19 vulnerabilities, collectively called Ripple20, were found within an embedded TCP/IP stack software library. This library, developed by Treck, Inc. was used in the manufacturing chain across all industries and could affect several hundred million devices. Four vulnerabilities are considered critical and are tracked against CVE-2020-11896, CVE-2020-11897,...

Published on June 29th, 2020Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can be potentially exploited into a Remote Code Execution vector on the authenticating endpoint.Vulnerable Systems: Ping Identity PingID SSH before 4.0.14CVE Information: CVE-2020-10654Disclosure Timeline: Published Date:5/13/2020...

Published on June 29th, 2020A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled.Credit: The information has been provided by Stefan Schimanski. The original article can be found at:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10706Details: This flaw allows an attacker with access to a backup to obtain OAuth...

Corporate and personal decisions are an important part of our daily life; many times they are made from our previous knowledge and lessons learned from similar events. To make a truly educated decision, the most complete information available is needed to quantify risks and estimate the potential returns of our actions.Unfortunately we don’t always have the answers to life’s unexpected challenges,...

Coronavirus (COVID-19) has brought about unprecedented times. Let us help you maintain business as (sort of) usual.

Saltstack Remote Code Execution (RCE) Vulnerability For those that have implemented SaltStack in your cloud environment, please be aware of several vulnerabilities (CVE-2020-11651/CVE-2020-11652) that together allow a RCE condition, which could allow an attacker to take over your Master Salt server and then laterally move to your Salt minions. Please consider patching with release 3000.2 or...

Intelligence-Driven Vulnerability ManagementResource-strapped IT departments need to prioritize vulnerabilities and threats that will have the most impact within their organization's environment. Many businesses rely on common vulnerability and severity metrics (CVE, CVSS, CWE, etc.) to prioritize vulnerabilities that need attention. Attackers, on the other hand, don't necessarily prioritize their...

Security GPA is one the most-used, and most-loved features in Fortra Vulnerability Management platform. Designed for risk prioritization, Security GPA is predicated upon a simple metric that resonates across all levels of an organization. Based on the academic grading system that uses both a four-point numerical scale in tandem with the letter grades A-F, Security GPA has grown into a powerful and...

Cybersecurity is now a business requirement for most organizations. However, it’s often difficult to report on your security team’s performance to non-technical stakeholders and leadership. Senior leaders deal with conflicting priorities across the entire business. Therefore, it’s crucial to communicate the risks to your organization in a way that resonates.Vulnerability management is one of the...

Last updated on April 24, 2020.Web security, your site and your networkWeb sites are unfortunately prone to security risks. And so are any networks in which web servers are connected. Setting aside risks created by employee use or misuse of network resources, your web server and the site it hosts present your most serious sources of security risk.Web servers by design open a window between your...