
543 matches found

Rapid7 Blog
added 2022/06/06 1:25 p.m. | 18 views

Evaluating the Security of an Enterprise IoT Deployment at Domino's Pizza

Recently, I had a great opportunity to work with Domino's Pizza to evaluate an internally conceived Internet of Things (IoT)-based business solution they had designed and deployed throughout their US store locations. The goal of this research project was to understand the security implications arou...

AI score: 7
Exploits: 0
Malwarebytes
added 2022/05/04 4:0 p.m. | 18 views

8 security tips for small businesses

Small businesses and startups are known to face some extra challenges when it comes to cybersecurity. Because they don’t have the size or budget to have a fully-fledged dedicated security team, it often comes down to a smaller staff that doesn’t have the time to do everything that is recommended ...

AI score: 0.3
Exploits: 0
ICS
added 2022/04/28 12:0 p.m. | 125 views

2021 Top Routinely Exploited Vulnerabilities

Summary: This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI),...

CVSS: 10 | AI score: 10 | EPSS: 0.99999
Exploits: 1011 | References: 209
The Hacker News
added 2022/04/28 5:41 a.m. | 3439 views

U.S. Cybersecurity Agency Lists 2021's Top 15 Most Exploited Software Vulnerabilities

Log4Shell, ProxyShell, ProxyLogon, ZeroLogon, and flaws in Zoho ManageEngine AD SelfService Plus, Atlassian Confluence, and VMware vSphere Client emerged as some of the top exploited security vulnerabilities in 2021. That's according to a "Top Routinely Exploited Vulnerabilities" report released ...

CVSS: 10 | AI score: 1.7 | EPSS: 0.99999
Exploits: 71
Tenable Nessus
added 2022/04/27 12:0 a.m. | 14 views

Patch Management: HCL BigFix Computer Info Initialization

Binary data hclbigfixinitinfo.nbin...

AI score: 7.3
Exploits: 0
Tenable Nessus
added 2022/04/27 12:0 a.m. | 12 views

Patch Management: HCL BigFix Get Installed Packages

Binary data hclbigfixgetpackages.nbin...

AI score: 7.3
Exploits: 0
Tenable Nessus
added 2022/04/27 12:0 a.m. | 11 views

Patch Management: HCL BigFix Report

Binary data hclbigfixreport.nbin...

AI score: 7.3
Exploits: 0
Malwarebytes
added 2022/04/19 1:56 p.m. | 16 views

North Korean Lazarus APT group targets blockchain tech companies

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced...

AI score: 7.6
Exploits: 0
The Hacker News
added 2022/04/18 12:44 p.m. | 20 views

Benchmarking Linux Security – Latest Research Findings

How well do your Linux security practices stack up in today's challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute. T...

AI score: 7.1
Exploits: 0
Malwarebytes
added 2022/03/14 11:18 a.m. | 246 views

CISA list of 95 new known exploited vulnerabilities raises questions

On Friday March 3, the Cybersecurity and Infrastructure Security Agency (CISA) added a whopping number of 95 new known exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog. This catalog provides Federal Civilian Executive Branch (FCEB) agencies with a list of vulnerabilities that...

CVSS: 10 | AI score: 1.8 | EPSS: 0.94354
Exploits: 29
Qualys Blog
added 2022/02/01 1:30 p.m. | 27 views

Vulnerability Remediation: It’s Not Just Patching

Vulnerability does not equal a patch, as such remediating a detected vulnerability requires deploying the right patches and, in some cases, making the right configuration changes. Using multiple tools to detect, map and deploy the right remediation actions is time consuming and will result in les...

AI score: 0.5
Exploits: 0
CNVD
added 2022/01/18 12:0 a.m. | 27 views

ZOHO ManageEngine Desktop Central Licensing Issue Vulnerability

ZOHO ManageEngine Desktop Central (DC) is a desktop management solution from ZOHO, Inc. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management...

CVSS: 9.1 | AI score: 2.3 | EPSS: 0.24195
Exploits: 0 | References: 1
CNVD
added 2022/01/14 12:0 a.m. | 14 views

ZOHO ManageEngine Desktop Central Remote Code Execution Vulnerability

ZOHO ManageEngine Desktop Central (DC) is a desktop management solution from ZOHO, Inc. The solution includes software distribution, patch management, system configuration, remote control, and other functional modules to support the entire lifecycle of desktop and server management. properly...

CVSS: 8.8 | AI score: 2.9 | EPSS: 0.07136
Exploits: 0 | References: 1
Qualys Blog
added 2022/01/11 4:58 p.m. | 193 views

How to Make Log4Shell Remediation Quick & Effective

Confronting the Log4Shell vulnerability in your environment has seemed anything but “easy” due to its prevalence in Java applications. Rapid remediation is critical. In this blog, Qualys offers some advice – and a new utility – to speed up the process. Remediation is a critical step to ensure tha...

CVSS: 9.3 | EPSS: 0.99999
Exploits: 345
Information Security Automation
added 2021/12/26 10:7 p.m. | 255 views

Log4j “Log4Shell” RCE explained (CVE-2021-44228)

Hello everyone! I decided to make a separate episode about Log4Shell. Of course, there have already been many reviews of this vulnerability. But I do it primarily for myself. It seems to me that serious problems with Log4j and similar libraries will be with us for a long time. Therefore, it would...

CVSS: 9.3 | AI score: 0.1 | EPSS: 0.99999
Exploits: 349
GithubExploit
added 2021/12/19 5:13 a.m. | 509 views

Exploit for Deserialization of Untrusted Data in Apache Log4J

This is a proof-of-concept (PoC) exploit for CVE-2021-44228, a v...

CVSS: 10 | AI score: 8.6 | EPSS: 0.99999
Exploits: 348
Citrix
added 2021/12/16 12:0 a.m. | 5 views

Microsoft Security Update Validation Report December 2021

Microsoft’s December 2021 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...

AI score: 7
Exploits: 0
CNNVD
added 2021/10/06 12:0 a.m. | 4 views

Samsung SMR Input Validation Error Vulnerability

Samsung SMR is a system patch package from Samsung South Korea. The patch program is provided for Samsung mobile applications. A security vulnerability exists in Samsung SMR that originates when a networked system or product performs an operation on memory without properly validating data...

CVSS: 4.4 | AI score: 5.7 | EPSS: 0.00107
Exploits: 0 | References: 2
CVE
added 2021/09/27 11:20 a.m. | 40 views

CVE-2021-0424

The CVE-2021-0424 entry concerns a MediaTek device where the memory management driver has a missing bounds check, enabling a local denial of service through a system crash. Exploitation requires local access with no user interaction. The patch reference is ALPS05403499 (Issue ALPS05393787). Con...

CVSS: 5.5 | AI score: 5.4 | EPSS: 0.00106
Exploits: 0 | References: 1 | Affected Software: 1
Securelist
added 2021/09/16 3:30 p.m. | 976 views

Exploitation of the CVE-2021-40444 vulnerability in MSHTML

Summary: Last week, Microsoft reported the remote code execution vulnerability CVE-2021-40444 in the MSHTML browser engine. According to the company, this vulnerability has already been used in targeted attacks against Microsoft Office users. In an attempt to exploit this vulnerability, attackers...

CVSS: 6.8 | AI score: 0.4 | EPSS: 0.97242
Exploits: 38