Vulnerability

cyberint

HiveNightmare / SeriousSAM (CVE-2021-36934)

First coming to light as a local elevation of privilege vulnerability affecting pre-release versions of Windows 11 (Figure 1), subsequent investigations into the issue, namely sensitive registry hive files being accessible to all users when 'System Protection' is enabled, confirm that it also affects Windows 10. Initially dubbed 'HiveNightmare' and 'SeriousSAM' by security researchers, CVE-2021-36934 has been assigned to this vulnerability although the CVSS score has yet to be determined.

rezilion

Dogfooding It: How I Used Our Own Vulnerability Validation Technology to Kill 56 Container App Vulnerabilities Without Patching

As every responsible company does, we too scan our containerized applications for vulnerabilities before deploying them in production. In a recent scan, our security team found 56 high and critical vulnerabilities coming from container base-image and open-source components.

WhiteSource

The Complete Guide to Prototype Pollution Vulnerabilities

Prototype Pollution is one of the less known vulnerabilities in the security community. Researchers started to discuss it as a potential attack vector around 2017, and the first vulnerabilities were found in the wild at the start of 2018. In this article, we’re going to take a deep dive into what Prototype Pollution vulnerabilities are, and how they can be mitigated.

zeronorth

What Is An Application Security Vulnerability and How Can It Hurt You?

A software bug, system flaw, security gap—these are all terms you may have heard in the world of application security (AppSec). Yes, they all mean slightly different things, but the reality is each one can lead to a vulnerability—which translates into a weakness that can be exploited to compromise the security of an application.

Outpost24 and Secure Code Warrior integration

Added links in Outpost24 Scale DAST tool to Secure Code Warrior for findings with a CWE. Where an Appsec finding is linked to a CWE we have introduced direct links to Secure Code Warrior eLearning training platform. This gives users the ability to understand what the vulnerability is and more importantly how to address these findings within their development process. Customers do not have to be customers of Secure Code Warrior (SCW) to enjoy the learning modules presented, though customers who are SCW customers may get further insights as well as tracking scores and other metrics.
zeronorth

Learn How Powerful Metrics Can Help You Manage AppSec Tools and Risk

Bugs and flaws in software are common and unavoidable. In fact, about 84%[1] of software breaches happen at the application layer, which means organizations looking to build secure software must use at least a handful of application security (AppSec) scanning tools to test their code—from code commit to build to deployment.

tripwire

What are Product Security Incident Response Team (PSIRT) Best Practices?

In my previous post, I disclosed that SonicWall had quietly released vulnerability fixes over the course of several days before vulnerability advisories were published for CVE-2020-5135. Rather than properly fixing CVE-2020-5135, SonicWall’s fix introduced a new vulnerability in the same code. SonicWall was aware of the new vulnerability but deferred the small fix until the next release, more than 6 months later.

Kaseya Ransomware Attack: How Did It Affect the MSSPs And What To Do To Prevent The Risk?

Kaseya #Ransomware Attack A #cybercrime organization with Russian origins called #REvil claims to have infected 1 million systems across 17 countries. It is now demanding $ 70 million in bitcoins in exchange for a "universal decryptor" that will return users’ access. Hackers targeted the US IT company #Kaseya, and then used that company’s software to infiltrate the victims’ systems, using a zero-day vulnerability.