Search results for: vulnerability

SonicWall

SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products?

On Friday evening, SonicWall announced that it “identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products.” The network security company said that several of its products are impacted, but the day after let everyone know that some of those were not affected, after all. Affected devices “We believe it is extremely important to be transparent with our customers, our partners … More

zero

Zero trust: A solution to many cybersecurity problems

The SolarWinds hack and the never-ending stream of revelations about the attackers’ tools, techniques and other targets has been occupying the minds of CISOs and organization’s cyber defenders since mid-December. The breach announcement came as a shock to many, but Greg Touhill, President of Appgate Federal Group, says that he wasn’t surprised – just disappointed. “When I retired from government service as the US government’s [first] Federal CISO, I was already ‘all-in’ on the zero … More

Hand

How much is a vulnerability worth?

As part of its crowdsourced security program, Zoom has recently increased the maximum payout for vulnerabilities to $50,000. Such figures make great headlines and attract new talent in search of the big bucks, but here is a question that begs to be answered: how much is a vulnerability worth? I have previously found several bugs in Zoom’s products, although these now date back several years, to when the company’s crowdsourced security program was a fledgling … More

week in review

Week in review: Active Directory security, Dnsmasq vulnerabilities, how to select a fraud detection solution

Here’s an overview of some of last week’s most interesting news and articles: Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoning Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices. Vulnerability management isn’t working for cloud security: Here’s how to do it right Three things in life … More

eavesdropping

Bugs in Signal, other video chat apps allowed attackers to listen in on users

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed. Searching for bugs in video chat apps In early 2019, Apple fixed a major logic bug (CVE-2019-6223) in its Group FaceTime feature. The bug, discovered by a Tucson high-schooler, … More

Diligent launches Cyber Risk Scorecard powered by SecurityScorecard

Diligent announced the launch of its new Cyber Risk Scorecard powered by SecurityScorecard, the global leader in cybersecurity ratings. Diligent’s Cyber Risk Scorecard equips board directors and executives with a digital tool set that enables greater transparency and the ability to measure risk, build resilience, and increase organizational safety and security. The new Cyber Risk Scorecard provides organizations with a data-backed cyber risk score based on a list of predetermined factors developed by SecurityScorecard, named … More

dnsmasq

Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoning

Seven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices. “Some of the bigger users of Dnsmasq are Android/Google, Comcast, Cisco, Red Hat, Netgear, and Ubiquiti, but there are many more. All major Linux distributions offer Dnsmasq as a package, but some use it more than others, e.g., in OpenWRT it … More

secure

How to defend against today’s top 5 cyber threats

Cyber threats are constantly evolving. As recently as 2016, Trojan malware accounted for nearly 50% of all breaches. Today, they are responsible for less than seven percent. That’s not to say that Trojans are any less harmful. According to the 2020 Verizon Data Breach Investigations Report (DBIR), their backdoor and remote-control capabilities are still used by advanced threat actors to conduct sophisticated attacks. Staying ahead of evolving threats is a challenge that keeps many IT … More

cloud

Vulnerability management isn’t working for cloud security: Here’s how to do it right

Three things in life are seemingly guaranteed: death, taxes and high-profile cloud security breaches. But there is no reason why public cloud or hybrid cloud breaches must remain so stubbornly persistent. The fact is that we understand why these incidents keep occurring: managing risk and vulnerabilities within dynamic cloud environments isn’t easy. The difficulty of this challenge is magnified by the competitive imperative to migrate to the public cloud quickly. It is further compounded by … More

danger

Malware incidents on remote devices increase

52% of organizations experienced a malware incident on remote devices in 2020, up from 37% in 2019, a Wandera report reveals. Of devices compromised by malware in 2020, 37% continued accessing corporate emails after being compromised and 11% continued accessing cloud storage, highlighting a need for organizations to better determine how to configure business tools to ensure fast and safe connectivity for all users in 2021. Other findings In 2020, 28% of organizations were regularly … More

Dynatrace Application Security Module directly linked to Snyk Intel to ease developer remediation

Dynatrace announced that its Application Security Module now directly links the vulnerabilities it identifies in real time in production and pre-production environments to the Snyk Intel database of open source vulnerabilities to facilitate faster and easier remediation by developers. Dynatrace Application Security, the newest module in Dynatrace’s all-in-one Software Intelligence Platform, is optimized for Kubernetes architectures and DevSecOps approaches. With always-on runtime application security analysis and automatic AI data-flow-analysis, Dynatrace provides risk-weighted prioritization of vulnerabilities, … More

week in review

Week in review: Pen testing, Sunspot malware, Microsoft plugs Defender zero-day

Here’s an overview of some of last week’s most interesting news and articles: Top videoconferencing attacks and security best practices Videoconferencing has become a routine part of everyday life for remote workers, students, and families. Yet widespread adoption of this technology has also attracted nefarious characters whose motivations can range from simple disruption to full-out espionage. SolarWinds hack investigation reveals new Sunspot malware Crowdstrike researchers have documented Sunspot, a piece of malware used by the … More