Protecting your business with Wazuh: The open source security platform

Today, businesses face a variety of security challenges like cyber attacks, compliance requirements, and endpoint security administration. The threat landscape constantly evolves, and it can be overwhelming for businesses to keep up with the latest security trends. Security teams use processes an...

K000133094: cURL vulnerability CVE-2020-8177

Security Advisory Description curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. CVE-2020-8177 Impact The highest threat from this vulnerability is to file integrity. This may...

K25102203: ImageMagick vulnerability CVE-2016-3716

Security Advisory Description The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. CVE-2016-3716 Note : This vulnerability is one of the series of vulnerabilities known as ImageTragick. Impact Exploiting this...

SUSE CVE-2020-8150

A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files...

Is your FIM Solution Cost and Time Efficient?

Virtually every security professional and corporate executive is painfully aware of recent escalations in cybersecurity threats. No one wants to be a headline or get hit with the typical $4.5 million price tag to remediate an incident IBM Study. Almost every security team will agree that file...

CVE-2023-24068

Signal Desktop prior to 6.2.0 on Windows, Linux, and macOS is affected by a vulnerability where attachments stored in the attachments.noindex directory can be modified by an attacker. The flaw arises from insufficient validation of modifications to cached files, enabling an attacker to insert mal...

Threat hunting with MITRE ATT&CK and Wazuh

Threat hunting is the process of looking for malicious activity and its artifacts in a computer system or network. Threat hunting is carried out intermittently in an environment regardless of whether or not threats have been discovered by automated security solutions. Some threat actors may stay...

A Free Solution to Protect Your Business from 6 Biggest Cyber Threats in 2022

For the last few years, the cybersecurity threat landscape has gotten progressively more complex and dangerous. The online world is now rife with data thieves, extortionists, and even state actors looking to exploit vulnerabilities in businesses' digital defenses. And unfortunately — the bad guys...

OESA-2022-1523 aide security update

AIDE Advanced Intrusion Detection Environment is a file and directory integrity checker. It creates a database from the regular expression rules that it finds from the config files. Once this database is initialized it can be used to verify the integrity of the files. Security Fixes: AIDE before...

aide security update

CentOS Errata and Security Advisory CESA-2022:0473 An update for aide is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

aide security update

An update for aide is now available for Rocky Linux 8. Rocky Linux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...

Important: Red Hat Security Advisory: aide security update

An update for aide is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RLSA-2022:0441 Important: aide security update

Advanced Intrusion Detection Environment AIDE is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. Security Fixes: aide: heap-based buffer overflow on outputs larger than B64BUF CVE-2021-45417 For more...

RCLocals - Linux Startup Analyzer

Inspired by 'Autoruns' from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors, also performs process integrity verification, scan for DLL injected processes and much more Things covered: ·List GPG keys trusted by the system ·Installed Packages ·File integrity...

Has your WordPress site been backdoored by a skimmer?

Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers at Sucuri say attackers have developed methods to make sure that their grip on the infected site is not easily removed by applying the next update...

Apple iOS/macOS 信息泄露漏洞

Apple iOS is a set of operating systems developed for mobile devices by Apple. An information disclosure vulnerability exists in Apple iOS/macOS that originates from an unspecified error in AppleMobileFileIntegrity. The vulnerability can be exploited by an attacker to gain unauthorized access to...

SANS Experts: 4 Emerging Enterprise Attack Techniques

In a recent report, a panel of SANS Institute experts broke down key takeaways and emerging attack techniques from this year’s RSA Security Conference. The long and short of it? This next wave of malicious methodologies isn’t on the horizon — it’s here. When it comes to supply-chain and ransomwar...

Reinforce Defense with File Reputation and Trusted Source Intelligence in Qualys FIM

Monitoring change events in the file system is both a crucial aspect of security and a critical compliance requirement. A file integrity monitoring tool functions as an essential layer of defense to identify illicit activities across critical system files and registries, diagnose changes, and sen...

Vulnerability fixed in QNAP QTS

QNAP has fixed a vulnerability in the QTS operating system. The vulnerability allows a local malicious person to perform a so-called path-traversal attack. In the event of a successful attack, a malicious party can compromise the integrity of files. QNAP has released updates to fix the...