Operations | Monitoring | ITSM | DevOps | Cloud

Vulnerability

N-able

How to better prioritize vulnerability remediation through automated penetration testing

Sep 15, 2021 By Guest In N-able

As most MSPs know, small- and medium-sized businesses are the most likely targets for cyberattacks. They lack many of the resources and infrastructure of their larger counterparts and a single cyberattack can be devastating. Analyzing and remediating vulnerabilities is an essential part of any security program. But current vulnerability management processes spit out long lists of instances that may or may not need remediation.

Read Post
jfrog

Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling

Sep 7, 2021 By Ori Hollander and Or Peles In JFrog
JFrog Security research teams are constantly looking for new and previously unknown vulnerabilities in popular open-source projects to help improve their security posture. As part of this effort, we recently discovered a potentially critical vulnerability in HAProxy, a widely used open-source load balancer proxy server that is particularly suited for very high traffic web sites and used by many leading companies.
Read Post

Risk Mitigation Strategies for Tcp/IP Vulnerabilities in OT

Sep 4, 2021 By JFrog In JFrog
JFrog in collaboration with Forescout Research Labs recently released the fourth study from Project Memoria - the industry’s most comprehensive study of TCP/IP vulnerabilities. INFRA:HALT covers 14 vulnerabilities affecting the popular closed source TCP/IP stack NicheStack. These vulnerabilities can cause Denial of Service or Remote Code Execution, allowing attackers to take targeted OT and ICS devices offline or take control of them.
View Video
jfrog

Scanning Dependencies in your sources using JFrog CLI and Xray

Aug 26, 2021 By Robi Nino In JFrog
Security vulnerabilities and license violations should be found as early as possible and the earlier in the SDLC , the better. As part of the “ Shift Left ” vision, JFrog CLI and Xray now allow scanning dependencies directly from sources , on-demand, using a simple command line. This functionality allows benefiting from the same JFrog Xray vulnerability and license scanning capabilities, even before deployment to JFrog Artifactory.
Read Post
haproxy

August/2021 - HAProxy 2.0+ HTTP/2 Vulnerabilities Fixed

Aug 16, 2021 By Daniel Corbett In HAProxy

If you are using HAProxy 2.0 or newer, it is important that you update to the latest version. A vulnerability was found that makes it possible to abuse the HTTP/2 parser, allowing an attacker to prepend hostnames to a request, append top-level domains to an existing domain, and inject invalid characters through the :method pseudo-header.

Read Post
jfrog

INFRA:HALT 14 New Security Vulnerabilities Found in NicheStack

Aug 4, 2021 By Asaf Karas, Shachar Menashe and Denys Vozniuk In JFrog
NicheStack is a TCP/IP network stack commonly used in millions of Operational Technology (OT) devices around the world, including in critical infrastructure such as manufacturing plants, power generation/transmission/distribution, water treatment, and more. JFrog’s security research team (formerly Vdoo), together with Forescout Research Labs, recently discovered 14 new security vulnerabilities affecting the NicheStack TCP/IP stack.
Read Post
ivanti

Ivanti Acquisition of RiskSense Provides Greater Protection for the Everywhere Workplace

Aug 2, 2021 By Jeff Abbott In Ivanti

If you have been watching Ivanti this year, you have seen that we are delivering on our commitment to make the Everywhere Workplaces possible by providing our customers more robust solutions to discover, manage, secure and service their IT assets. We have been doing this organically, we rolled out our Ivanti Neurons hyper-automated platform last July, and we have also added to the platform’s capabilities and value with acquisitions.

Read Post
ivanti

Ransomware is on the rise. Here's how Ivanti x RiskSense will solve it.

Aug 2, 2021 By Srinivas Mukkamala In Ivanti

Ransomware started making more headlines in 2016, but it was treated largely as a nuisance – not a tangible, resource-worthy threat. Fast forward to 2021 and ransomware has graduated to the big leagues, buoyed by a pandemic-fueled, hasty scramble toward decentralized workforces and digital everything. But this rising threat can’t be entirely blamed on the pandemic.

Read Post
sysdig

How to mitigate CVE-2021-33909 Sequoia with Falco - Linux filesystem privilege escalation vulnerability

Jul 28, 2021 By Alberto Pellitteri In Sysdig

The CVE-2021-33909, named Sequoia, is a new privilege escalation vulnerability that affects Linux’s file system. It was disclosed in July, 2021, and it was introduced in 2014 on many Linux distros; among which we have Ubuntu (20.04, 20.10 and 21.04), Debian 11, Fedora 34 Workstation and some Red Hat products, too. This vulnerability is caused by an out-of-bounds write found in the Linux kernel’s seq_file in the Filesystem layer.

Read Post
splunk

Detecting SeriousSAM CVE-2021-36934 With Splunk

Jul 27, 2021 By Splunk Threat Research Team In Splunk

SeriousSAM or CVE-2021-36934 is a Privilege Escalation Vulnerability, which allows overly permissive Access Control Lists (ACLs) that provide low privileged users read access to privileged system files including the Security Accounts Manager (SAM) database. The SAM database stores users' encrypted passwords in a Windows system. According to the Microsoft advisory, this issue affects Windows 10 1809 and above as well as certain versions of Server 2019.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.