Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vulnerability

Applied Lessons from Product Security Teams in Vulnerability Management | Nucleus Security

Nov 29, 2023 By Nucleus In Nucleus
Product security and vulnerability management have become critical components of an organization's overall cybersecurity strategy. However, these two teams often face challenges in working together effectively, leading to misalignment and potential security gaps. Patrick Garrity hosted a roundtable discussion with industry experts Matthew Clapham and Scott Kuffer to share applied lessons from product security teams and vulnerability management.
View Video
Arctic Wolf

CVE-2023-41265, CVE-2023-41266 & CVE-2023-48365: Multiple Vulnerabilities in Qlik Sense Enterprise Actively Exploited

Nov 28, 2023 By James Liolios In Arctic Wolf
Arctic Wolf has recently worked multiple incident response cases where we have observed ransomware groups exploiting CVE-2023-41265, CVE-2023-41266 & CVE-2023-48365 to gain initial access. On August 29, 2023, Qlik published a support article detailing two vulnerabilities which when successfully exploited in tandem could lead to an unauthenticated threat actor achieving remote code execution (RCE). CVE-2023-41266.
Read Post
Arctic Wolf

Qlik Sense Exploited in Cactus Ransomware Campaign

Nov 28, 2023 By Stefan Hostetler, Markus Neis, Kyle Pagelow In Arctic Wolf
Arctic Wolf Labs has observed a new Cactus ransomware campaign which exploits publicly-exposed installations of Qlik Sense, a cloud analytics and business intelligence platform.[1] Based on available evidence, we assess that all vulnerabilities exploited were previously identified by researchers from Praetorian [2,3]. For more information on these vulnerabilities, see the advisories published by Qlik (CVE-2023-41266, CVE-2023-41265, and CVE-2023-48365) as well as our Security Bulletin.
Read Post
Snyk

A DevSecOps solution for your apps on AWS from Snyk

Nov 28, 2023 By David Lugo In Snyk

AWS offers the infrastructure, innovation, services, and reliability to run your mission-critical applications, which is why millions of customers partner with AWS to build, run, and scale applications in the cloud. But how can customers proactively ensure the security of these critical applications?

Read Post
Snyk

How to integrate ASPM with your application security program

Nov 28, 2023 By Vandana Verma Sehgal In Snyk

Application security posture management (ASPM) enables AppSec teams to continuously monitor, manage, and improve the security health of software applications throughout their lifecycle. It provides a framework for ensuring that applications are built securely from the start, maintained with security in mind, and continuously monitored for vulnerabilities that introduce significant risk to the business. With ASPM, we get aggregated data in a unified dashboard.

Read Post

The Rise In Vulnerability Disclosure, Exploitation and Threat Intelligence

Nov 28, 2023 By Nucleus In Nucleus
Patrick Garrity, Security Researcher at Nucleus Security, discusses the rise of vulnerabilities exploitation and threat intelligence in the field of vulnerability management. He highlights the history of vulnerability management, the increase in vulnerabilities and exploitation, the limitations of the common vulnerability scoring system (CVSS), and the emergence of vulnerability threat intelligence. Patrick also emphasizes the importance of open-source intelligence, such as CISA's Known Exploited Vulnerabilities (KEV) List and the Exploit Prediction Scoring System (EPSS), as well as the value of commercial threat intelligence.
View Video
datadog

Mitigate infrastructure vulnerabilities with Datadog Cloud Security Management

Nov 27, 2023 By Rajat Luthra In Datadog

Cloud environments comprise hundreds of thousands of individual components, from infrastructure-level containers and hosts to access-level user and cloud accounts. With this level of complexity, continuous and end-to-end visibility into your environment is vital for detecting, prioritizing, and fixing vulnerabilities before attackers can take advantage of them.

Read Post
Snyk

Exploring WebExtension security vulnerabilities in React Developer Tools and Vue.js devtools

Nov 27, 2023 By Calum Hutton In Snyk

Snyk's security researchers have conducted some research to better understand the risks of WebExtensions, both well-known (i.e. XSS, code injection) and those more specific to WebExtensions themselves. From our research we identified and disclosed some vulnerabilities within some popular browser extensions: React Developer Tools and Vue.js devtools. In this post, we will explore the WebExtension technology and look into the vulnerabilities identified.

Read Post
Arctic Wolf

CVE-2023-43177: Critical Unauthenticated RCE Vulnerability in CrushFTP

Nov 27, 2023 By James Liolios In Arctic Wolf
On August 10, 2023, CrushFTP released an advisory regarding a vulnerability affecting versions of CrushFTP lower than 10.5.1. Since then, the vulnerability has been tracked as CVE-2023-43177 and the security researchers at Converge published a blog sharing their findings on November 16. CVE-2023-43177 is a mass assignment vulnerability related to how CrushFTP parses request headers for the AS2 protocol. Successful exploitation could lead to unauthenticated, remote code execution (RCE).
Read Post
Trustwave

Trustwave MailMarshal Email Security Protects Against WinRAR Vulnerability CVE-2023-38831

Nov 24, 2023 By Trustwave In Trustwave

The importance of email security cannot be understated. Proof of this can be seen in some recent research conducted by the Trustwave SpiderLabs team around our email security product MailMarshal. The team recently ran an experiment on known Zero Day CVE-2023-38831 found in RARLabs WinRAR that is currently being exploited in the wild in WinRAR versions 6.23 and earlier. WinRAR is a compression, archiving, and archive managing software tool.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.