Understanding OWASP Top 10 Vulnerabilities
Web-based attacks are the most common attack faced by many businesses regardless of size. Want to identify the vulnerabilities most prevalent to your business and mitigate them?
What's Hiding in Your External Attack Surface?
Cybersecurity teams need to develop and maintain a set of practices around their online attack surface. These practices must include attack surface visibility and mapping of third-party connections as well as constant assessment of the risks of these connections. Controls must include the ability to detect and alert on risky or broken connections, coupled with automated remediation when feasible.
North Korean hackers taint PuTTY SSH client with malware
Mandiant has reported an instance in which a group of North Korean hackers tainted the PuTTY SSH client through a malicious ISO package.
Stealing User Passwords with Mimikatz DCSync
Mimikatz provides a variety of ways to , but one of the most alarming is the DCSync command. Using this command, an adversary can simulate the behavior of a domain controller and ask other domain controllers to replicate information — including user password data. In fact, attackers can get any account’s NTLM password hash or even its plaintext password, including the password of the KRBTGT account, which enables them to create Golden Tickets.
Zero Day Exploit for MS Exchange (ProxyNotShell)
On Sept. 29th 2022, cybersecurity organization GTSC publicized a report outlining attacks they have seen in the wild targeting as-yet unpatched vulnerabilities in Microsoft Exchange. When successfully exploited this combination of vulnerabilities results in an authenticated Remote Code Execution (RCE) attack. Until a patch has been issued, Microsoft has posted a security bulletin detailing a workaround.
Using Active Directory's AdminCount Attribute to Find Privileged Accounts
Active Directory accounts with elevated privileges pose a serious security risk: They are a top target for attackers because they provide administrative access to systems and data, and they can also be misused by their owners, either deliberately or accidentally. Therefore, it’s critical for IT teams to keep close track of accounts with elevated permissions.
Be The Partner of Choice
SecurityScorecard Co-Founder and Chief Operating Officer Sam Kassoumeh shares Tip #5 from our ebook, 5 Ways to Secure Your Organization in Turbulent Times: Make your organization the partner of choice. Every vendor, regardless of industry, must view cybersecurity as a key strategic component. This video explores how a strong cybersecurity posture can increase trust and provide competitive differentiation and advantage, helping you to become a trusted market leader.
This Week in VulnDB
Welcome to This Week in VulnDB, Each episode we will look through some of the newer vulnerabilities in the Snyk vulnerability database, looking at emerging trends in attack vectors appearing in programming languages, platforms and ecosystems.
CrowdStrike Falcon Platform Identifies Supply Chain Attack via a Trojanized Comm100 Chat Installer
The market-leading CrowdStrike Falcon® platform, applying a combination of advanced machine learning (ML), artificial intelligence (AI) and deep analytics across the trillions of security events captured in the CrowdStrike Security Cloud, has identified a new supply chain attack pattern during the installation of a chat based customer engagement platform.
Demo: Policy Audits
Learn more about the types of policy audits available in WatchGuard Cloud.