PT-2023-4680 · Freerdp +8 · Freerdp +8

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to an invalid offset validation leading to Out Of Bound Write in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. This...

Part II: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically

In Part I of this three-part blog series, we discussed building a cyber risk metrics program from the ground up. We also discovered how to implement effective strategies for holistically articulating your cyber risk posture across your organization. In our second installment, we’ll delve deeper...

Design/Logic Flaw

Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft ...

CVE-2023-38496 Apptainer's ineffective privileges drop when requesting container network

Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft ...

Ineffective privileges drop when requesting container network

Impact Fix https://github.com/apptainer/apptainer/pull/1523 included in Apptainer 1.2.0-rc.2 has introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges. The attack surface is rather limited for users but an...

Revealing Vulnerabilities’ True Dimensions: Illuminating Your Detection Surface with HivePro Uni5

...

Part I: Implementing Effective Cyber Security Metrics That Reduce Risk Realistically

As a CISO or business leader, some burning questions that often come to your mind are: How vulnerable is our cybersecurity posture? Are we better protected than we were three months or a year ago? Have our investments improved the cybersecurity posture and yielded any tangible benefits? Are my...

Security Patch Management Strengthens Ransomware Defense

With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

It is an exploit module for Log4j. The vulnerability class/vecto...

How to Manage Your Attack Surface?

Attack surfaces are growing faster than security teams can keep up. To stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud migration dramatically increasing the number of internal and external targets, prioritizing threats and managing your attack...

Docker Hub images found to expose secrets and private keys

Numerous Docker images shared on Docker Hub are exposing sensitive data, according to a study conducted by researchers at the German university RWTH Aachen. Needless to say, this poses a significant security risk. In traditional software development, programmers code an application in one computi...

These 6 Questions Will Help You Choose the Best Attack Surface Management Platform

The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but what steps actually make sense for your business? For anyone ready to find an attack surface managemen...

Zero-day deploys remote code execution vulnerability via Word documents

An unpatched zero-day vulnerability is currently being abused in the wild, targeting those with an interest in Ukraine. Microsoft reports that CVE-2023-36884 is tied to reports of: …a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of...

Siemens SIMATIC MV500 Devices Uncontrolled Resource Consumption Vulnerability

SIMATIC MV500 products are fixed optical readers for capturing print, laser, drill, punch and dotted line codes on a variety of different surfaces. Siemens SIMATIC MV500 Devices has an uncontrolled resource consumption vulnerability that can be exploited by an attacker to cause a denial of servic...

Microsoft Defender for Endpoint is ranked number one in market share in the IDC Worldwide Corporate Endpoint Security Market Shares report, 2022

Microsoft security researchers tracked a 130.4 percent increase in organizations that have encountered ransomware over the last year. Endpoints are an important attack vector and ensuring that organizations have modern endpoint security as part of a broader extended detection and response strateg...

The Right Way to Enhance CTI with AI (Hint: It's the Data)

Cyber threat intelligence is an effective weapon in the ongoing battle to protect digital assets and infrastructure - especially when combined with AI. But AI is only as good as the data feeding it. Access to unique, underground sources is key. Threat Intelligence offers tremendous value to peopl...

Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation

As the business environment becomes increasingly connected, organizations' attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan...

Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation

As the business environment becomes increasingly connected, organizations' attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan...

A week in security (June 19 - 25)

Last week on Malwarebytes Labs: Microsoft Azure AD flaw can lead to account takeover 5 facts to know about the Royal ransomware gang Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023 UPS warns customers of phishing attempts after data accessed 6 tips for a cybersecure honeymo...

Cyber Asset Attack Surface Management 101

Understanding CAASM This article was written by Ethan Smart, Co-Founder and Chief Solution Architect, appNovi a Rapid7 integration partner. It's essential for security and IT teams to have a comprehensive view and control of their cyber assets. This is why Cyber Asset Attack Surface Management...