The Palo Alto Cortex Xpanse research team spent the first three months of 2021 monitoring the activities of attackers to better understand how much of an edge adversaries have in detecting systems that are vulnerable to attack. They followed a benchmark that they call “mean time to inventory” (MTTI), which is simply how long it takes somebody to start scanning for a vulnerability after it’s announced.
Xpanse research found 79% of observed exposures occurred in the cloud.
Under the theme ‘Crossing Uncertain Times’, the conference will feature prominent global speakers from the Incident Response and Security Teams community.
May 17, 2021
The Forum of Incident Response and Security Teams (FIRST) will hold its 33rd annual conference next month, June 7-9, 2021. Held online, the 33rd FIRST Conference, ‘Crossing Uncertain Times,’ is set to stream live from June 7 at 1200hrs UTC. The three-day event will feature keynote presentations highlighting recent global security incidents, pertinent industry panel discussions, and a range of presentations by global experts from across the incident response and security industry.
The new year is upon us, and as such, it is a time to reflect on what worked over the past 12 months, and more importantly, what didn’t work. Organizations all over the world are utilizing applications, operating systems, and IoT devices while their data, and their customers’ data, increasingly lives in the cloud. Organizations should take the beginning of the year as a housekeeping opportunity to assess their systems to set themselves up for success in the new year.
Synopsys Cybersecurity Research Center (CyRC) researchers have discovered CVE-2020-27223, a denial of service vulnerability in Eclipse Jetty, a widely used open source web server and servlet container.
Positive Technologies security researcher Alexander Popov has discovered and fixed five similar issues in the virtual socket implementation of the Linux kernel. These vulnerabilities could be exploited for local privilege escalation, as confirmed by Popov in experiments on Fedora 33 Server. The vulnerabilities, known together as CVE-2021-26708, have received a CVSS v3 base score of 7.0 (high severity).
Positive Technologies expert Egor Dimitrenko discovered a high-severity vulnerability in the VMware vSphere Replication data replication tool. This solution allows organizations to create backups of virtual machines and run them if the main virtual machine reports a failure. The bug could have allowed attackers with access to the VMware vSphere Replication administration web interface to execute arbitrary code on the server with maximum privileges and start lateral movement on the network to seize control of the corporate infrastructure.
SHAREit, an Android application which has been downloaded more than a billion times, contains unpatched security vulnerabilities that the app maker has failed to fix for more than three months, according to a Trend Micro report.
A record number of critical and high severity vulnerabilities were logged to the National Institute of Standards and Technology (NIST) and its National Vulnerability Database (NVD) in 2020. The NVD is a repository of Common Vulnerabilities and Exposures (CVEs) reported by security professionals, researchers and vendors. It is used by security teams around the world to stay up to date with security vulnerabilities as they are discovered. In January 2021, Redscan performed an analysis of the NVD to examine security and vulnerability trends. Their report focuses on vulnerabilities discovered in 2020, but also highlights wider CVE trends that have emerged since 1989.
After auditing the security of the helpdesk software solution Deskpro in accordance with the company's Responsible Disclosure Bug Bounty Program, the Checkmarx Security Research Team discovered a severe cross-site scripting (XSS) issue that can be exploited in multiple ways.
According to Menlo Security, Google Chrome users don't always take time to relaunch browser updates, and some legacy applications don't support new versions of Chrome.
Menlo Labs discovered that there are 49 different versions of Chrome being used by their customers as of November 17. Nearly two-thirds (61 percent) are running the latest build (.86) while just over a quarter (28 percent) are running one version prior (.85). Out of the customers running .86, a staggering 83 percent are running versions of Chrome that are vulnerable (