Search results for: vulnerability

Week in review: 150+ HP multifunction printers open to attack, how to combat ransomware with visibility

Here’s an overview of some of last week’s most interesting news, articles and interviews: Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077) An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech. 150+ HP multifunction printers open to attack (CVE-2021-39237, CVE-2021-39238) Over 150 HP multifunction printers (MFPs) are open to attack via two exposed physical access port vulnerabilities … More

Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)

An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech. “Successful exploitation of the vulnerability allows an attacker to upload executable files and place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files,” the Cybersecurity and Infrastructure Security Agency (CISA) warns. About CVE-2021-44077 … More

Tor2Mine cryptominer has evolved: Just patching and cleaning the system won’t help

Sophos released new findings on the Tor2Mine cryptominer that show how the miner evades detection, spreads automatically through a target network and is increasingly hard to remove from an infected system. Tor2Mine is a Monero-miner that has been active for at least two years. In the research, Sophos describes new variants of the miner that include a PowerShell script that attempts to disable malware protection, execute the miner payload and steal Windows administrator credentials. What … More

The importance of vulnerability management for your organization

Everyone is familiar with home burglaries. Criminals case a house looking for easy access through open windows, unlocked doors, open garages, and the like. Hackers take the same approach electronically and look for network vulnerabilities that grant them access to the data they want. And small to mid-size businesses are an ideal target, since they have fewer resources to dedicate to security efforts than larger companies. Vulnerability scanning When you hire a home security expert, … More

ATG selects YesWeHack to identify potential vulnerabilities on its platforms and applications

YesWeHack has partnered with Sweden-headquartered ATG to identify potential vulnerabilities on its exposed assets. ATG provides quality excitement and entertainment through horse betting, sports betting and casino games for approximately 1.4 million customers. ATG is constantly evolving to meet new technology demands, increased data access, faster connections, and new digital channels. It is at the forefront of using digital technology to offer content-rich, personalised, and constantly available entertainment while meeting stricter regulation, digitalisation, and … More

Aqua Security acquires Argon to secure all stages of software build and release

Aqua Security announced the acquisition of Argon, a pioneer in software supply chain security. Argon and Aqua now offer a solution to secure all stages of software build and release. Shifting further “left,” Aqua Security’s Cloud Native Application Protection Platform (CNAPP) is now a solution that can protect the full software development lifecycle (SDLC) from code through build to runtime, ensuring the end-to-end integrity of applications. “With the addition of Argon to the Aqua Platform, … More

Infosec products of the month: November 2021

Here’s a look at the most interesting products from the past month, featuring releases from 1Password, Avast, Boxcryptor, Code42, ColorTokens, Cynamics, Fortanix, Hiya, Huntsman Security, Imperva, iStorage, Jetico, Netscout, Palo Alto Networks, Siren, Saviynt, StorONE, Tenable, The Linux Foundation, ThreatQuotient, Tufin, Viavi Solutions and WatchGuard. Nessus 10 is out, with Raspberry Pi support Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to … More

McAfee and FireEye integrate with Amazon Inspector to protect data in the cloud

McAfee Enterprise and FireEye released new cloud security capabilities on AWS as well as integration with Amazon Inspector. FireEye Helix behavior analysis and machine-learning Extended Detection & Response (XDR) capabilities, combined with Amazon Inspector, a vulnerability management service, offer AWS customers greater visibility and protection of applications and data in the cloud. McAfee Enterprise and FireEye are also now included in the AWS ISV Workload Migration Program (WMP), which helps customers with funding, technology enablement … More

Armis raises $300M to accelerate strategic platform development and regional expansion

Armis announced that it has closed its latest investment round and increased its valuation to $3.4 billion. One Equity Partners (“OEP”), in conjunction with existing investors, made a combined $300 million investment to accelerate strategic platform development and global GTM initiatives, and to support future acquisitions. OEP will also be joining the board of directors. “One Equity Partners is the exact type of investor we need at this juncture. They deeply understand our sector and … More

Patching takes 2.5 times longer when endpoints are remote

Action1 released a report based on the feedback from 491 IT professionals worldwide. The study explores how organizations patch and manage their remote and office-based endpoints and provide employees with remote IT support. The report reveals that even though most organizations plan to keep at least some remote work in 2022, they struggle to secure and support their remote or hybrid workforce. 78% of respondents admitted experiencing delays in patching critical vulnerabilities during the past … More

GlobalPlatform offers a framework to protect applications and data against high-profile attacks

GlobalPlatform has certified its Secure Element (SE) Protection Profile (PP) with the international standard for computer security certification, Common Criteria (CC). The document is the latest update to GlobalPlatform’s Security Certification Program. It will make it quicker and easier for stakeholders across industries to validate and compare security features, protect applications and data against high-profile attacks and comply with evolving IoT and cybersecurity regulations. Since 2000 GlobalPlatform has been the de-facto standard for secure element … More

Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI

Here’s an overview of some of last week’s most interesting news, articles and interviews: After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379) A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed GoDaddy, the popular internet domain registrar and web hosting company, has suffered … More