Dive Deep into VMDR

Qualys devoted the second day of the Qualys Security Conference entirely to vulnerability management, detection and response VMDR, a critical area for the security and compliance of hybrid cloud IT environments. Mehul Revankar, VP of Product Management and Engineering for VMDR at Qualys, set the...

ImHex - A Hex Editor For Reverse Engineers, Programmers And People That Value Their Eye Sight When Working At 3 AM.

A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM. Features Featureful hex view Byte patching Patch management Copy bytes as feature Bytes Hex string C, C++, C, Rust, Python, Java & JavaScript array ASCII-Art hex view HTML self contained di...

Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020

2020 is shaping up to be a banner year for software vulnerabilities, leaving security professionals drowning in a veritable sea of patching, reporting and looming attacks, many of which they can’t even see. A trio of recent reports tracking software vulnerabilities over the past year underscore t...

3 Ways to Hunt for the ZeroLogon Vulnerability on Your Windows Servers

Vulnerability assessment and patch management can be painful time-consuming processes. From the Security team looking at vulnerability reports and prioritizing the riskiest ones for their environment to the IT or Infrastructure team determining exactly which machines need to be patched and...

Internet Explorer help

None None...

Election Systems Under Attack via Microsoft Zerologon Exploits

U.S. government officials have warned that advanced persistent threat actors APTs are now leveraging Microsoft’s severe privilege-escalation flaw, dubbed “Zerologon,” to target elections support systems. Days after Microsoft sounded the alarm that an Iranian nation-state actor was actively...

Beers with Talos Ep. #93: “More Secure” myths and misconceptions

Beers with Talos BWT Podcast episode No. 93 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded Sept. 11, 2020 On today’s show, we take several of t...

CVE-2020-8243

A vulnerability in the Pulse Connect Secure 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution. Recent assessments: wvu-r7 at October 07, 2020 10:52pm UTC reported: Oh dear, another Pulse Secure vuln. Let’s break this...

Critical Industrial Flaws Pose Patching Headache For Manufacturers

While patch management already presents challenges for enterprises, it’s even more of a headache for manufacturers and other industrial firms – who may even need to shut down entire factory operations in order to apply fixes. Sharon Brizinov, the principal vulnerability researcher with Claroty, h...

Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently available...

September 8, 2020—KB4577051 (Monthly Rollup)

September 8, 2020—KB4577051 Monthly Rollup NEW IMPORTANT Extended support for Windows Embedded Standard 7 Service Pack 1 WES 7 ends on October 13, 2020. Customers who have purchased the Extended Security Update ESU for on-premises versions of some operating systems must follow specific procedures...

Update for the Extended Security Updates (ESU) Licensing Preparation Package for Windows Server 2008 SP2

Update for the Extended Security Updates ESU Licensing Preparation Package for Windows Server 2008 SP2 WSUS scan cab files will continue to be available for Windows 7 SP1 and Windows Server 2008 R2 SP1. If you have a subset of devices running these operating systems without ESU, they might show a...

New Highly-Critical SAP Bug Could Let Attackers Take Over Corporate Servers

SAP has patched a critical vulnerability impacting the LM Configuration Wizard component in NetWeaver Application Server AS Java platform, allowing an unauthenticated attacker to take control of SAP applications. The bug, dubbed RECON and tracked as CVE-2020-6287, is rated with a maximum CVSS sco...

The vulnerability of Novell ZENworks Patch Management’s update agent to PatchLink updates allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Novell ZENworks Patch Management’s update agent, when combined with the PatchLink client update, is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrit...

Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities

Microsoft today released its June 2020 batch of software security updates that patches a total of 129 newly discovered vulnerabilities affecting various versions of Windows operating systems and related products. This is the third Patch Tuesday update since the beginning of the global Covid-19...

SolarWinds MSP PME Cache Service 1.1.14 - Insecure File Permissions

Title: SolarWinds MSP PME Cache Service 1.1.14 - Insecure File Permissions Author: Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG Date: 2020-05-06 Vendor: https://www.solarwindsmsp.com/ CVE: CVE-2020-12608 GitHub: https://github.com/jensregel/Advisories/tree/master/CVE-2020-12608 CVSSv3:...

This Week in Security News: 7 Tips for Security Pros Patching in a Pandemic and Coinminer, DDoS Bot Attack Docker Daemon Ports

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a malicious cryptocurrency miner and Distributed Denial of Service DDoS bot that targets open Docker daemon ports. Also, learn...

SolarWinds MSP PME (Patch Management Engine) Cache Service Code Execution Vulnerability

SolarWinds Advanced Monitoring Agent is a set of monitoring agent software from SolarWinds, Inc. The software is mainly used for remote monitoring and management of servers, etc. SolarWinds MSP PME Cache Service is one of the patch management engine cache service. A security vulnerability exists ...

CVE-2020-12608

An issue was discovered in SolarWinds MSP PME Patch Management Engine Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config. This can lead to code execution by changing the...

CVE-2020-12608

Summary (concrete details known): The vulnerability CVE-2020-12608 affects SolarWinds MSP PME (Patch Management Engine) Cache Service in the Advanced Monitoring Agent, with versions before 1.1.15. The root cause is insecure file permissions on the config directory under %PROGRAMDATA%\SolarWinds M...