2317 matches found
Managed Veeam Agent backup job fails with "Unknown invoker method: 2757" error
A Veeam Agent backup job managed by the backup server fails with the following error: Failed to start backup job Error: Unknown invoker method: 2757...
3 Ways for MSPs to Increase Their Managed Security Footprint
Managed service providers looking to increase their business often face the choice of whether to focus on finding new customers or expanding their existing base. But there’s a growing opportunity making the latter option especially appealing. The small and midsize businesses that comprise the bul...
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service - Crescendo
McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Crescendo By Jessica Saavedra-Morales · October 20, 2019 Episode 4: Crescendo This is the final installment of the McAfee Advanced Threat Research ATR analysis of Sodinokibi and its connections to GandGrab, the most prolific...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. The Cybersecurity an...
Cross site scripting
A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplie...
CVE-2019-12718
The CVE-2019-12718 vulnerability affects Cisco Small Business Smart and Managed Switches with a flaw in the web-based interface that fails to properly validate user input, enabling unauthenticated remote XSS. An attacker could entice a user to click a malicious link and reach a specific web page,...
CVE-2019-12636
Cisco CVE-2019-12636 is a CSRF vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches (250, 350, 550X series). The issue stems from insufficient CSRF protections, enabling an unauthenticated, remote attacker to trick a user into visiting a malicious...
CVE-2019-12636 Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the...
Cisco Small Business Smart and Managed Switches Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplie...
Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the...
CVE-2019-6334
CVE-2019-6334 affects HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Printers. The issue concerns a signature-check mechanism for installed applications that may allow arbitrary code execution. The HP advisory (HP C06447795) confirms a risk of execution of arbitrary code and pr...
Cisco Small Business Smart and Managed Switches CVE-2019-12718 Cross Site Scripting Vulnerability
Description Cisco Small Business Smart and Managed Switches are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
keycloak: script execution via UMA policy trigger
A flaw was found in Keycloak’s user-managed access interface, where it would permit a script to be set in the UMA policy. This flaw allows an authenticated attacker with UMA permissions to configure a malicious script to trigger and execute arbitrary code with the permissions of the user running...
A week in security (October 7 – 13)
Last week on Malwarebytes Labs, we peered into the possible future of cybersecurity insurance, described the process for securing today’s managed service provider, and provided an in-depth explainer on the business espionage tactic known as “war shipping.” Further, in considering the intersection...
Securing the managed service provider (MSP)
Managed service providers MSPs have been a boon to midsize enterprise. They allow for offloading technical debt to an agent with the skills and resources to manage it, thereby giving an organization room to focus on growing a business, rather than the particulars of infrastructure. For a long...
CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
DEBIAN-CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
ALPINE-CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...
Design/Logic Flaw
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...