Vulnerability

Unpatched zero-day vulnerability in Internet Explorer exploited in the wild

Jan 28, 2020 By Patch Manager Plus In ManageEngine

Barely a week after Patch Tuesday, internet security company Qihoo 360 has discovered yet another vulnerability in Internet Explorer (IE), this time due to a remote code execution vulnerability in the jscript.dll scripting engine. The vulnerability, identified as CVE-2020-0674, is considered Critical for IE 11, and Moderate for IE 9 and IE 10.

Read Post

ManageEngine

Read more about Unpatched zero-day vulnerability in Internet Explorer exploited in the wild

Detecting CVE-2020-0601 Exploitation Attempts With Wire & Log Data

Jan 22, 2020 By Drew Church In Splunk

Editor’s note: CVE-2020-0601, unsurprisingly, has created a great deal of interest and concern. There is so much going on that we could not adequately provide a full accounting in a single blog post! This post focuses on detection of the vulnerability based on network logs, specifically Zeek as well as Endpoint. If you are collecting vulnerability scan data and need to keep an eye on your inventory of systems that are at risk, then check out Anthony Perez’s blog.

Read Post

Splunk

Read more about Detecting CVE-2020-0601 Exploitation Attempts With Wire & Log Data

CVE-2020-0601 - How to operationalize the handling of vulnerabilities in your SOC

Jan 20, 2020 By Matthias Maier In Splunk

Software vulnerabilities are part of our lives in a digitalized world. If anything is certain, it’s that we will continue to see vulnerabilities in software code! Recently the CVE-2020-0601 vulnerability, also known as CurveBall or “Windows CryptoAPI Spoofing Vulnerability”, was discovered, reported by the NSA and made headlines. The NSA even shared a Cybersecurity Advisory on the topic. Anthony previously talked about it from a public sector and Vulnerability Scanner angle.

Read Post

Splunk

Read more about CVE-2020-0601 - How to operationalize the handling of vulnerabilities in your SOC

The Citrix Vulnerability And What It Means For You

Jan 20, 2020 By Uchechi Odikanwa In ThreatSpike

In December 2019, Citrix announced that their flagship product, Citrix Application Delivery Controller (ADC) and Gateway, had a vulnerability that would allow code execution to take place on affected devices without any authentication. This vulnerability (designated CVE-2019-19781) was severe - on a scale of 1 to 10 it was deemed a 9.8 meaning that an attacker able to exploit this vulnerability could do serious damage.

Read Post

ThreatSpike

Read more about The Citrix Vulnerability And What It Means For You

Citrix vulnerability (CVE-2019-19781): Redscan Labs releases detection script

Jan 17, 2020 By Redscan In Redscan

Last updated: 20th January, 9.45am. A critical Citrix vulnerability (CVE-2019-19781) is currently under mass exploitation. To detect if your organisation is compromised, Redscan has developed a script that will examine your host.

Read Post

Redscan

Read more about Citrix vulnerability (CVE-2019-19781): Redscan Labs releases detection script

What is the difference between a Vulnerability Assessment & a Penetration Test?

Jan 14, 2020 By JUMPSEC In JUMPSEC

JUMPSEC Jargon Buster - What is the difference between a Vulnerability Assessment & a Penetration Test, Thom explains. Vulnerability assessments typically rely on vulnerability scanning tools to identify technical vulnerabilities making use of pre-configured test cases and signatures. A penetration test takes a contextual view of the target, combining many vulnerabilities and information sources in order to craft specific attacks with the goal of finding security weaknesses. Simply put a penetration test mimiks a skilled attacker, whereas a vulnerability assessment provides a baseline against common known weaknesses.

View Video

JUMPSEC

Read more about What is the difference between a Vulnerability Assessment & a Penetration Test?

What is the difference between external & internal Managed Vulnerability Scanning?

Jan 9, 2020 By JUMPSEC In JUMPSEC

JUMPSEC Jargon Buster - Courtney Cole explains what is the difference between external & internal Managed Vulnerability Scanning?

View Video

JUMPSEC

Read more about What is the difference between external & internal Managed Vulnerability Scanning?

What is a vulnerability scan & why is managed vulnerability scanning different?

Jan 8, 2020 By JUMPSEC In JUMPSEC

JUMPSEC Jargon Buster - Courtney Cole explains what a vulnerability scan is and why managed vulnerability scanning is different

View Video

JUMPSEC

Read more about What is a vulnerability scan & why is managed vulnerability scanning different?

Honeypots: A Guide To Increasing Security

Dec 29, 2019 By Tripwire Guest Authors In Tripwire

Honeypots are not a new idea. They have been part of the cybersecurity world for decades and have frequently gone in and out of “fashion” over that period. Recently, though, they have become an increasingly important part of vulnerability management. That’s for a couple of reasons. Honeypots offer real-world data on the types of threats that companies face, and they can be a powerful research tool in identifying specific threat vectors.

Read Post

Tripwire

Read more about Honeypots: A Guide To Increasing Security

What is a Zero-day (0-day)?

Dec 13, 2019 By Abi Tyas Tunggal In UpGuard

A zero-day (0-day) is an unpatched security vulnerability that is unknown to the software, hardware or firmware developer, and the exploit attackers use to take advantage of the security hole. In general, zero-day refers to two things: Zero day gets its name from the number of days that a patch has existed for the flaw: zero. Zero-day threats represent significant cybersecurity risk because they are unknown to the party who is responsible for patching the flaw and may already be being exploited.

Read Post