Search results for: vulnerability

medical devices

The future history of medical device cybersecurity

In 1555, Nostradamus published his famous Les Prophéties containing obfuscated prophecies for the world to come. Some believe that one of these predictions pertains to the year 2020 and it reads, in part: “The false trumpet concealing madness / will cause Byzantium to change its laws.” Yeah… I have no idea what that means either! In 1966 the late Arthur C. Clarke, a famous science fiction writer, predicted that we would have flying houses and … More

Patch Tuesday

January 2021 Patch Tuesday: Microsoft plugs Defender zero-day RCE

On this January 2021 Patch Tuesday: Microsoft has plugged 83 CVEs, including a Microsoft Defender zero-day; Adobe has delivered security updates for a variety of products; SAP has released 10 security notes and updated 7 previously released ones; Mozilla has fixed a critical vulnerability affecting Thunderbird.

Microsoft’s updates

Microsoft has plugged 83 security holes, 10 of which are critical. One of the latter – a zero-day RCE (CVE-2021-1647) affecting Microsoft Defender antivirus – is being … More


Addressing the lack of knowledge around pen testing

The vast majority of attackers are opportunist criminals looking for easy targets to maximize their profits. If defenses are sufficiently fortified, finding a way through will be so difficult and time-consuming that all but the most elite nation-state level threat actors will give up and go in search of easier prey. Penetration testing is one of the most effective methods for achieving this level of security. A team of ethical hackers can discover and close … More


SQL injection: The bug that seemingly can’t be squashed

If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) again. It’s a common vulnerability that – despite being easily remedied – continues to plague our software and, if left undetected before deployment, provides a small window of opportunity to would-be attackers. December 2020 marked SQL injection’s 22nd birthday (of sorts). Despite this vulnerability being old … More


A closer look at fileless malware, beyond the network

Cybersecurity is an arms race, with defensive tools and training pushing threat actors to adopt even more sophisticated and evasive intrusion techniques as they attempt to gain a foothold in victim networks. Most modern endpoint protection (EPP) services are capable of easily identifying traditional malware payloads as they are downloaded and saved on the endpoint, which means attackers have now turned to fileless malware techniques that never touch the victim’s storage. We’ve covered the anatomy … More


2020 set the stage for cybersecurity priorities in 2021

It’s safe to assume that pretty much everyone is ready to move on from 2020. Between the COVID-19 pandemic, political battles, and social unrest, this has been a stressful year in so many ways. It has also been a very active year for cybercriminals and fraudsters who have preyed on people’s fears and vulnerabilities to push new scams. They’ve spoofed government health sites to trick people into clicking on malware links. They’ve targeted food delivery … More


Transitioning from vulnerability management to vulnerability remediation

Like many people, I’m glad 2020 is almost over. I am, however, excited about 2021. Here are three trends I believe will impact how well (or not) companies will be able to remediate vulnerabilities.

2021 will be the year of cloud vulnerability

If you think you’ve heard this one before, to quote Bachman–Turner Overdrive, “you ain’t heard nothing yet.” As companies move full speed ahead on cloud migration, we’ll start to understand how little we … More


As technology develops in education so does the need for cybersecurity

The COVID-19 pandemic has had a profound impact on education, bringing about a sudden boom in remote and online learning. While the transition has forced many schools to implement innovative solutions, it has also revealed stark vulnerabilities in their cybersecurity strategies, which is especially concerning given that schools have become a new target for cyber criminals. A big problem is that even before the pandemic, cybersecurity hasn’t been a priority in education. A lack of … More


Three reasons why context is key to narrowing your attack surface

2020 has been a year of radical change for cybersecurity. Lockdowns forced businesses to find new ways to maintain continuity. As a result, digital transformation initiatives have accelerated from three-year initiatives to three-month sprints. Many organizations ended up “leaping before looking” to the cloud. This accelerated digital transformation served as a forcing function that brought IT and security together to reconcile legacy technology, identify risks in the supply chain, narrow the expanding attack surface and … More

Tufin Orchestration Suite R20-2: Users can evaluate network access risks and minimize attack surface

Tufin announced the release of Tufin Orchestration Suite R20-2, integrating network security policy best practices with external risk assessment tools to help users evaluate network access risks and minimize their attack surface. As a result, security teams can streamline the security review process and network teams can reduce the time required to deliver business-enabling connectivity. “Maintaining your security posture requires that multiple risk factors be considered when granting or changing network access,” said Ofer Or, … More


Script for detecting vulnerable TCP/IP stacks released

Just as ICS-CERT published a new advisory detailing four new vulnerabilities in the Treck TCP/IP stack, Forescout released an open-source tool for detecting whether a network device runs one of the four open-source TCP/IP stacks (and their variations) affected by the Amnesia:33 vulnerabilities.

New vulnerabilities in the Treck TCP/IP stack

Reported by Intel researchers and confirmed by Treck Inc., four newly discovered vulnerabilities affect Treck TCP/IP stack Version and prior: Of those, CVE-2020-25066 is … More


SolarWinds hackers’ capabilities include bypassing MFA

As the list of known organizations compromised by way of the SolarWinds supply chain attack is slowly growing – according to Reuters, the attackers also breached U.S. Department of Homeland Security’s systems, the State Department, and the National Institutes of Health – Microsoft has decided that its Defender Antivirus will start blocking/quarantining the known malicious SolarWinds binaries today – even if the process is running. Some companies are about to find out they actually do … More