While data enables innovation, its vulnerability continues to cause anxiety among IT leaders

Today’s technology landscape demands that companies determine how to manage and secure data in a connected ecosystem, as well as embrace it to create competitive advantages. The key concerns for IT decision-makers in this environment are cybersecurity, the ability to upgrade infrastructure and optimizing IT operations, according to the 2019 Insight Intelligent Technology Index, an annual study of enterprises based in North America conducted by Insight Enterprises. The study examined how companies manage digital innovation, … More

High-risk vulnerability in Cisco’s secure boot process impacts millions of devices

Red Balloon Security has discovered a high-risk vulnerability in Cisco’s secure boot process which impacts a wide range of Cisco products in use among enterprise and government networks, including routers, switches and firewalls. The vulnerability, codenamed Thrangrycat, is caused by a series of hardware design flaws within Cisco’s Trust Anchor module. First commercially introduced in 2013, Cisco Trust Anchor module (TAm) is a proprietary hardware security module that is used in a wide range of … More

Vulnerability found in Guard Provider, Xiaomi’s pre-installed security app

Check Point Research discovered a vulnerability in one of the preinstalled apps on devices manufactured by one of the world’s biggest mobile vendors, Xiaomi. The vulnerability would have allowed an attacker to carry out a Man-in-the-Middle (MiTM) attack and inject any rogue code he chooses such as password stealing, ransomware, tracking or any other kind of malware onto the device. The vulnerability is in the pre-installed security app, Guard Provider, which should protect the phone … More

How to build an effective vulnerability management program

The concept of vulnerability management has undergone a number of changes in the last few years. It is no longer simply a synonym for vulnerability assessment, but has grown to include vulnerability prioritization, remediation and reporting. It has also grown in scope: vulnerabilities don’t just affect IT networks and databases, but also applications, cloud infrastructures, container environments, the mobile infrastructure, IoT devices and OT networks. It is now expected that a comprehensive enterprise vulnerability management … More

Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator

Applied Risk ICS Security Consultant Tom Westenberg discovered a DoS vulnerability in an emulated version of the Triconex TriStation Software Suite. Triconex is a Schneider Electric brand which supplies systems and products in regards to critical control and industrial safety-shutdown technology. The Triconex Emulator is software that allows users to emulate and execute TriStation 1131 applications without connecting to a Tricon, Trident, or Tri-GP controller. Using the Emulator, users can test applications in an offline … More

Researchers create system that predicts vulnerability severity from tweets

To what extent do users’ opinions about threat severity expressed online align with expert judgments and can these opinions provide an early indicator to help prioritize threats based on their severity? A group of researchers from Ohio State University, Leidos and FireEye wanted to answer those questions, so they: Annotated a collection of tweets describing software vulnerabilities with opinions on threat severity Matched tweets to NVD records, i.e. CVEs (by using CVE numbers in the … More

Tripwire launches vulnerability management as a service

Tripwire, a leading global provider of security and compliance solutions for enterprises and industrial organizations, announced the expansion of Tripwire ExpertOps to include vulnerability management as a managed service. With this addition, organizations with limited in-house cybersecurity resources can take advantage of the Tripwire ExpertOps service to maintain a strong foundation of security, from vulnerability management (VM) to security configuration management (SCM) and file integrity monitoring (FIM). Tripwire ExpertOps reduces the workload and complexity of … More

Researcher releases PoC for Windows VCF file RCE vulnerability

A vulnerability that exists in the way Windows processes VCard files (.vcf) can be exploited by remote attackers to achieve execute arbitrary code on vulnerable systems, security researcher John Page has shared. What’s a VCard? VCF is a standard file format used for storing contact information for individuals and businesses. They can contain the contact’s name, address, email address, phone number, their business or personal web page, etc. They are often used to quickly share … More

Vulnerability discovered in safety controller configuration software

Gjoko Krstic, an Applied Risk researcher, has discovered a vulnerability in Pilz PNOZmulti Configurator software that allows a local attacker to read sensitive data in clear-text. The software is used to configure safety controllers, providing the user with the ability to modify elements such as IP addresses, download and upload project files and run other setup functions. The tool can be found on engineering workstations which are used to configure safety controllers. The software is … More

Week in review: The lessons of Conficker, holiday season cybercrime, IoT vulnerability discovery

Here’s an overview of some of last week’s most interesting news and articles: Don’t accept risk with a pocket veto No security professional wants to accept risk. If we had our way, the organization would mitigate or avoid all risks. But that’s almost never the case in the real world. Risks often must be accepted. Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent The flaw affects Flash Player 31.0.0.148 and … More