Vulnerability in GnuPG allowed digital signature spoofing for decades

A vulnerability affecting GnuPG has made some of the widely used email encryption software vulnerable to digital signature spoofing for many years. The list of affected programs includes Enigmail and GPGTools. About the vulnerability (CVE-2018-12020) CVE-2018-12020, dubbed “SigSpoof” by Marcus Brinkmann, the researcher which found it, arises from “weak design choices.” “The signature verification routine in Enigmail 2.0.6.1, GPGTools 2018.2, and python-gnupg 0.4.2 parse the output of GnuPG 2.2.6 with a “–status-fd 2” option, which … More

Zip Slip vulnerability affects thousands of projects

An arbitrary file overwrite vulnerability that can be exploited by attackers to achieve code execution on a target system affects a myriad of projects and multiple ecosystems, Snyk researchers have revealed. About the vulnerability The vulnerability, dubbed Zip Slip by the researchers, has been seen in the past before, but was never this widely spread, Snyk CEO Guy Podjarny told Help Net Security. “Zip Slip is a form of directory traversal that can be exploited … More

Vulcan Cyber announces continuous vulnerability remediation platform and $4M seed round

Israeli startup Vulcan Cyber today announced $4 million in seed funding for its mission to eliminate the vulnerability remediation gap that unnecessarily exposes enterprises to massive cyber risk. Vulcan Cyber co-founders, from left to right: CTO Roy Horev, CEO Yaniv Bar-Dayan and CPO Tal Morgenstern Backing for the technology platform, which lets security teams gain the insight needed and take the action required to continuously eliminate exposed vulnerabilities in their production systems, comes from YL … More

The pace of vulnerability disclosure shows no signs of slowing

Unless the pace of vulnerability disclosure slows down in the coming quarters, we are looking at yet another record-breaking year, according to Risk Based Security’s 2018 Q1 Vulnerability QuickView Report. Note that bug bounties are a subset of the ‘Coordinated Disclosures’ total Key findings 5,375 unique vulnerabilities were reported. This is just a 1.8% increase over the same period in 2017. Note that this number will continue to rise throughout 2018. 1,790 (33.3%) of the … More

The importance of threat intelligence and vulnerability remediation prioritization

In this podcast recorded at RSA Conference 2018, Jimmy Graham, Director of Product Management, Vulnerability Management at Qualys, talks about the importance of threat intelligence and vulnerability remediation prioritization. Here’s a transcript of the podcast for your convenience. Hi, my name is Jimmy Graham and I’m the Director of Product Management, Vulnerability Management at Qualys. In this Help Net Security podcast I’ll be talking about the importance of threat intelligence and vulnerability remediation prioritization. So, … More

New Drupal RCE vulnerability under active exploitation, patch ASAP!

Yet another Drupal remote code execution vulnerability has been patched by the Drupal security team, who urge users to implement the offered updates immediately as the flaw is being actively exploited in the wild. The vulnerability (CVE-2018-7602) affects Drupal versions 7.x and 8.x. Users should upgrade to v7.59 and 8.5.3. Those who, for whatever reason, can’t implement the update can implement standalone patches, but before doing so they have to apply the fix from SA-CORE-2018-002 … More

Expand vulnerability and risk management programs to eliminate security misconfigurations

In this podcast recorded at RSA Conference 2018, Tim White, Director of Product Management, Policy Compliance at Qualys, discusses how expanding vulnerability and risk management programs can eliminate security misconfigurations. Many don’t realize misconfigurations can be exploited just as easily as a vulnerable piece of software to result in compromise. Here’s a transcript of the podcast for your convenience. Hi, my name is Tim White with Qualys. I am the Director of Product Management for … More

Illumio and Qualys integrate to deliver vulnerability-based micro-segmentation

Illumio announced new global vulnerability mapping capabilities on its Adaptive Security Platform. Vulnerability and threat data from the Qualys Cloud Platform is integrated with Illumio application dependency mapping to show potential attack paths in real time. Automated vulnerability-based policy recommendations: mitigate vulnerabilities without breaking your application. The integration between the Qualys Cloud Platform and Illumio delivers vulnerability maps, enabling organizations to see connections to vulnerabilities within and between applications. This new capability also includes an … More

Critical vulnerability opens Cisco switches to remote attack

A critical vulnerability affecting many of Cisco’s networking devices could be exploited by unauthenticated, remote attackers to take over vulnerable devices or trigger a reload and crash. The company says that the vulnerability is not actively exploited in the wild, but as information about it and Proof-of-Concept code has now been published network administrators would do well to install the released security updates as soon a possible. About the vulnerability (CVE-2018-0171) The flaw was discovered … More

Exim vulnerability opens 400,000 servers to remote code execution

If you’re using the Exim mail transfer agent on your Internet-connected Unix-like systems and you haven’t yet upgraded to version 4.90.1, now is the time to do it as all previous versions contain a vulnerability that can be exploited to achieve remote code execution. About the Exim remote code execution vulnerability The buffer overflow vulnerability in the base64 decode function of Exim (CVE-2018-6789) was discovered and reported by Meh Chang of the DEVCORE research team … More