Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vulnerability

Jira Security Vulnerability CVE-2019-11581

On 10 July 2019, Atlassian released a security advisory for a critical severity vulnerability in most versions of Jira Server and Jira Data Center. The vulnerability was introduced in version 4.4.0, released in 2011, and affects versions as recent as 8.2.2, released on 13 June 2019. The good news is that users of Jira Cloud are not affected. But how many organizations are running Jira Server or Jira Data Center, and are vulnerable to this attack?

Climbing the Vulnerability Management Mountain: Gearing Up and Taking Step One

As I discussed in the first blog in this series, the purpose of this series is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. For the first phase, let’s start by planning the trip up Vulnerability Mountain. When you get ready to climb a mountain, you need gear, and you need to know what to ask for at the store.

Content Security Policy (CSP) explained including common bypasses

We have written about Content Security Policy (CSP) on Detectify Labs before. But maybe you’re wondering why should you have it on your site to begin with? This article will explain why having one can prevent header exploits with attributes and common bypasses. CSP is a response header that instructs the web browser from what sources it is allowed to include and execute resources from.

4 Fundamentals That Make Your Vulnerability Management (VM) Program Less Effective

If you are a security practitioner, then you may have noticed that much of the security industry exists because of vulnerabilities. Regardless of what job position you occupy, vulnerabilities are oftentimes the reason why you wake up every morning and ultimately engage infosec from within your cutting-edge working environment. Vulnerabilities will continue to arise; this is a fact of the environmental change that goes with any business or organization.

What is Vulnerability Scanning?

Vulnerability management is one of the core responsibilities of a security team. It covers assessing, reporting and if needed, mitigating on an organization’s security vulnerabilities. Yet vulnerabilities can be tackled with if and if only they are known to the IT security team. In order to find out vulnerabilities of a system or software, vulnerability scanning is conducted. It is a security technique whose purpose is identifying security weaknesses in a system.

Investigate and Correct CVEs with the K8s API

When NIST (https://nvd.nist.go) announces a new CVE (Common Vulnerability and Exposure) that impacts Kubernetes, kube administrators and IT Security teams need to quickly understand the impact of the vulnerability and protect their Kubernetes clusters. Often, no patches are yet available, so in addition to understanding the impact, DevOps teams have to decide whether or not to create a custom fix to mitigate the risk of that CVE without bringing down the entire app or system.

What's New and Changing in the World of Vulnerability Management?

According to CIS, “Organizations that do not scan for vulnerabilities and proactively address discovered flaws face a significant likelihood of having their computer systems compromised.” While vulnerability management (VM) isn’t new, I’ve seen it evolve a lot over my 22 years in the industry. Here are some big trends: The idea of an asset has changed and grown over the years. Back in the ‘90s, it was a PC or a server.

Steps for Successful Vulnerability Management: Lessons from the Pitch

When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill, talent and luck. Now that I’m older, I watch more than I play, and I’m able to appreciate the many lessons team sports teach, especially at the professional level. With sports, we can tackle technical topics in a relatable way.

Sharepoint vulnerability exploited in the wild

AT&T Alien Labs has seen a number of reports of active exploitation of a vulnerability in Microsoft Sharepoint (CVE-2019-0604). One report by the Saudi Cyber Security Centre appears to be primarily targeted at organisations within the kingdom. An earlier report by the Canadian Cyber Security Centre identified similar deployment of the tiny China Chopper web-shell to gain an initial foothold.