Blog
Vulnerability Research

CVE-2020-2021 Palo Alto Networks PAN-OS: Authentication Bypass in SAML Authentication Vulnerability

Thu, 07/02/2020
CVE-2020-2021 Palo Alto Networks PAN-OSA critical severity authentication bypass vulnerability in certain configurations of Palo Alto Networks PAN-OS devices using Security Assertion Markup Language (SAML) authentication.On June 29, 2020, Palo Alto issued a security advisory for PAN-OS versions with SAML authentication enabled and the 'Validate Identity Provider Certificate' option disabled ...
Vulnerability Management
Blog

Ripple20

Tue, 06/30/2020
Ripple20As of June 16th 2020, a total of 19 vulnerabilities, collectively called Ripple20, were found within an embedded TCP/IP stack software library. This library, developed by Treck, Inc. was used in the manufacturing chain across all industries and could affect several hundred million devices. Four vulnerabilities are considered critical and are tracked against CVE-2020-11896, CVE-2020-11897,...
Vulnerability Management
Blog

Inventor of Anti-Corrosion Tech Allegedly Took IP to New Company

By Cybersecurity Experts at Fortra on Tue, 06/30/2020
An industrial powder coating service in Texas is looking to take the inventor behind the company's bread and butter - its trade secrets - allegedly took them to start a rival company. In a lawsuit filed last week, Corrosion Prevention Technologies, a company that specializes, as the name suggests, in corrosion prevention technology, accused former employees, Loren Hatle, Santiago...
Blog

Ping Identity PingID SSH before 4.0.14 Out-of-bounds Write Vulnerability

Tue, 06/30/2020
Published on June 29th, 2020Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can be potentially exploited into a Remote Code Execution vector on the authenticating endpoint.Vulnerable Systems: Ping Identity PingID SSH before 4.0.14CVE Information: CVE-2020-10654Disclosure Timeline: Published Date:5/13/2020...
Vulnerability Management
Blog

OpenShift Container Platform Cleartext Storage of Sensitive Information Vulnerability

Tue, 06/30/2020
Published on June 29th, 2020A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled.Credit: The information has been provided by Stefan Schimanski. The original article can be found at:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10706Details: This flaw allows an attacker with access to a backup to obtain OAuth...
Vulnerability Management
Executive Attacks on Social Media Hit All-Time High as Analysts Point to AI
Blog

Executive Impersonation Techniques on Social Media

By Cybersecurity Experts at Fortra on Mon, 06/22/2020
Threat actors are masquerading as executives on social media for purposes of stealing credentials and damaging popular brands. Today, many executives have accounts on these platforms to network as well as post content promoting their companies. Unfortunately, it is easy for bad actors to create fake accounts and reach massive audiences by impersonating well-known individuals. These types of...
Executive Protection
Abuse of HTTPS on Nearly Three-Fourths of all Phishing Sites
Blog

Abuse of HTTPS on Nearly 75% of all Phishing Sites

Tue, 06/16/2020
Since 2015, PhishLabs (now Fortra Brand Protection) has tracked how threat actors abuse HTTPS or SSL certs. In particular, threat actors often use HTTPS on their phishing sites to add a layer of legitimacy, better mimic the target site in question, and reduce being flagged or blocked from some browsers. In 2014, threat actors hit a significant milestone in this usage when more than 50% of phishing...
Blog

Threat Intelligence Fostering Modern Vulnerability Management Platforms

Mon, 06/15/2020
Corporate and personal decisions are an important part of our daily life; many times they are made from our previous knowledge and lessons learned from similar events. To make a truly educated decision, the most complete information available is needed to quantify risks and estimate the potential returns of our actions.Unfortunately we don’t always have the answers to life’s unexpected challenges,...
Vulnerability Management
Blog

Saltstack RCE and vBulletin "incorrect access control" Vulnerabilities

Tue, 06/02/2020
Saltstack Remote Code Execution (RCE) Vulnerability For those that have implemented SaltStack in your cloud environment, please be aware of several vulnerabilities (CVE-2020-11651/CVE-2020-11652) that together allow a RCE condition, which could allow an attacker to take over your Master Salt server and then laterally move to your Salt minions. Please consider patching with release 3000.2 or...
Vulnerability Management
Blog

Data at rest versus data at creation: It’s not a choice you should make – secure them both

By Cybersecurity Experts at Fortra on Thu, 05/28/2020
As part of your defense against an external cyberattack, you’re ready to tackle the enormous task of securing all the data sitting on your servers, desktops and external drives.If you’re like most organizations, you’ve got tons of it because no one throws anything away these days. And if you’re working at an enterprise, it’s an exponentially larger...
Data Identification
Data Protection
Blog

Insider Behind $1 Billion Trade Secret Theft Case Sentenced

By Cybersecurity Experts at Fortra on Wed, 05/27/2020
An ex-employee of a petroleum giant who previously plead guilty to taking a billion-dollar trade secret has been sentenced to 24 months in a federal prison and ordered to pay $150,000 in restitution.Following his release, he’ll be deported, the Federal Bureau of Investigation (FBI) confirmed this week.Hongjin Tan, the employee in question, is a Chinese national who formerly worked as an associate...
Blog

How to Use SAST and DAST to Meet ISA/IEC 62443 Compliance

Mon, 05/25/2020
In a recent cyber-attack, a metallurgy company became infected with ransomware. The firm shut down for a week to deal with the infection; the final costs for the system backup and production downtime came to over 50 million euros ($54 million). This follows a Kaspersky report, “The State of Industrial Cybersecurity” that shows 70% of companies expect an attack on their Operational Technology/...
Application Security
Compliance
Blog

Threat Landscape: Shining a Light on Truly Critical Vulnerabilities

Wed, 05/20/2020
Intelligence-Driven Vulnerability ManagementResource-strapped IT departments need to prioritize vulnerabilities and threats that will have the most impact within their organization's environment. Many businesses rely on common vulnerability and severity metrics (CVE, CVSS, CWE, etc.) to prioritize vulnerabilities that need attention. Attackers, on the other hand, don't necessarily prioritize their...
Vulnerability Management