Rapid7 Acquires IntSights to Tackle the Expanding Threat Landscape

I am pleased to share the exciting news that, today, Rapid7 acquired IntSights, a leading provider of cloud-native, external threat intelligence and proactive threat remediation. The IntSights team is fantastic, and their threat intelligence capabilities are equally impressive. I’ll share more...

openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2021:1854-1)

"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1854-1 advisory. - Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a...

Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work

Organizations are increasingly using the cloud to reimagine every facet of their business. Hybrid work has accelerated this digital transformation, and customers are challenged with the increasing sophistication and frequency of cyberattacks. Today, Microsoft is announcing that we have entered in...

Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work

Organizations are increasingly using the cloud to reimagine every facet of their business. Hybrid work has accelerated this digital transformation, and customers are challenged with the increasing sophistication and frequency of cyberattacks. Today, Microsoft is announcing that we have entered in...

Dozens of Vulnerable NuGet Packages Allow Attackers to Target .NET Platform

An analysis of off-the-shelf packages hosted on the NuGet repository has revealed 51 unique software components to be vulnerable to actively exploited, high-severity vulnerabilities, once again underscoring the threat posed by third-party dependencies to the software development process. In light...

Microsoft Warns of Critical "PrintNightmare" Flaw Being Exploited in the Wild

Microsoft on Thursday officially confirmed that the "PrintNightmare" remote code execution RCE vulnerability affecting Windows Print Spooler is different from the issue the company addressed as part of its Patch Tuesday update released earlier this month, while warning that it has detected...

Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack

Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers. Attributing the attacks to a "sophisticated threat actor," the firm noted that the attacks single out appliances that have...

CVE-2021-29951

The Mozilla Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating if an attacker spammed the 'Stop' command; but also...

Command injection

The Mozilla Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating if an attacker spammed the 'Stop' command; but also...

CVE-2021-29951

The Mozilla Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating if an attacker spammed the 'Stop' command; but also...

Attack Surface Analysis Part 3: Red and Purple Teaming

Part 3: Red and Purple Teaming This is the third and final installment in our 2021 series around attack surface analysis. In part 1 I offered a description and the value and challenge of vulnerability assessment. Part 2 explored the why and how of conducting penetration testing and gave some tips...

Takeaways from the Colonial Pipeline Ransomware Attack

If you feel like you’ve read a lot about ransomware in recent months, it’s because these attacks have indeed intensified. In 2020, ransomware attacks surged by 150 percent, with the average payment size increasing by more than 170 percent. Some of the notable victims include United Health Service...

Attack Surface Analysis Part 1: Vulnerability Scanning

In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy, and the ways it can be used to increase awareness of both technical and process-related risks. We’ll start with vulnerability assessment below. BREACH!!! A word you may hea...

SUSE SLES11 Security Update : bind (SUSE-SU-2021:14714-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14714-1 advisory. - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9...

CVE-2020-15378

The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface...

Information disclosure

The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface...

MTN Group: Blind SSRF External Interaction on https://mtngbissau.com/

Hii Security Team, I am S Rahul MCEHMetaxone Certified Ethical Hacker and a Security Researcher I just checked your website and found Blind SSRF External Interaction on https://mtngbissau.com/ What is SSRF? Server-side request forgery also known as SSRF is a web security vulnerability that allows...

Do you know your OpSec?

Open Source Intelligence OSINT is any information in the public domain that an attacker can dig up about you. Because of that it forms the basis of every Red Team engagement, as threat actor scenarios are created using publicly available information. Bearing that in mind it makes sense to review...

Biden’s Cybersecurity EO: The Wrong Issues

It’s no secret that foreign adversaries are making a concerted effort to target U.S. government agencies and companies. As technology advances and foreign superpowers gain influence, the game is shifting beneath our feet here in the U.S. Motivated in part by the extent and consequences of the...

BSA-2021-1481

Security Advisory ID : BSA-2021-1481 Component : IPv6 networking Revision : 1.0 The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. When IPv6 networking is enabled on t...