Windows Defender Attack Surface Reduction Security Feature Bypass

...

Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks

A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least November 2021. "The attacker uses Advanced Installer to package other legitimate software installers,...

Cloud storage security: What’s new in the threat matrix

Today, we announce the release of a second version of the threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services. The matrix, first released in April 2021 as detailed in the blog post Thre...

CVE-2023-23623

Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. A Content-Security-Policy that disables eval, specifically setting a script-src directive and not providing unsafe-eval in that directive, is not respected in renderers that have sandb...

CVE-2023-41742

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent Linux, macOS, Windows before build 30430, Acronis Cyber Protect 15 Linux, macOS, Windows before build 35979...

CVE-2023-41742

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent Linux, macOS, Windows before build 30430, Acronis Cyber Protect 15 Linux, macOS, Windows before build 35979...

Design/Logic Flaw

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent Linux, macOS, Windows before build 30430, Acronis Cyber Protect 15 Linux, macOS, Windows before build 35979...

CVE-2023-41742

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent Linux, macOS, Windows before build 30430, Acronis Cyber Protect 15 Linux, macOS, Windows before build 35979...

CVE-2023-41742

The CVE-2023-41742 issue affects Acronis Agent (Linux, macOS, Windows) prior to build 30430 and Acronis Cyber Protect 15 prior to build 35979. Root cause: binding to an unrestricted IP address, resulting in an excessive attack surface. Impact as described: CVSSv3 base score 7.5 (Network, High). R...

CVE-2023-41742

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent Linux, macOS, Windows before build 30430, Acronis Cyber Protect 15 Linux, macOS, Windows before build 35979...

Acronis Agent和Acronis Cyber Protect 安全漏洞

Acronis Agent and Acronis Cyber Protect are both products of Acronis Singapore.Acronis Agent is an agent software.Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise. Combining backup, anti-malware, network security and endpoint management capabilities suc...

PT-2023-5773 · Acronis · Acronis Agent +2

Name of the Vulnerable Software and Affected Versions: Acronis Agent versions prior to build 30430 Acronis Cyber Protect 15 versions prior to build 35979 Description: The issue is related to an excessive attack surface due to binding to an unrestricted IP address. This could allow a remote attack...

Noir - An Attack Surface Detector Form Source Code

Noir is an attack surface detector form source code. Key Features Automatically identify language and framework from source code. Find API endpoints and web pages through code analysis. Load results quickly through interactions with proxy tools such as ZAP, Burpsuite, Caido and More Proxy tools...

CVE-2023-37379

Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests,...

PYSEC-2023-152

Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests,...

CVE-2023-37379 Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature

Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests,...

CVE-2023-37379

CVE-2023-37379 affects Apache Airflow versions prior to 2.7.0. An authenticated user with Connection edit privileges can access connection information and abuse the test connection feature by sending many requests, causing a DoS condition on the server and enabling potentially harmful connections...

Part III: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically

We outlined some critical cybersecurity metrics in Part I of this three-part blog series. In the final blog post, we will delve into three crucial aspects outlined in Josh’s article: tactical metrics for operational teams, strategic metrics for leadership, and the metrics addressing the...

RFP Template for Browser Security

Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes. A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop "The Definitive Browser Security RFP...

Part II: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically

In Part I of this three-part blog series, we discussed building a cyber risk metrics program from the ground up. We also discovered how to implement effective strategies for holistically articulating your cyber risk posture across your organization. In our second installment, we’ll delve deeper...