#CVE
govindhtech · 6 months
Text
Decoding CISA Exploited Vulnerabilities
Integrating CISA Tools for Effective Vulnerability Management: Vulnerability management teams struggle to detect and update software with known vulnerabilities with over 20,000 CVEs reported annually. These teams must patch software across their firm to reduce risk and prevent a cybersecurity compromise, which is unachievable. Since it’s hard to patch all systems, most teams focus on fixing vulnerabilities that score high in the CVSS, a standardized and repeatable scoring methodology that rates reported vulnerabilities from most to least serious. 
However, how do these organizations know to prioritize software with the highest CVE scores? It’s wonderful to talk to executives about the number or percentage of critical severity CVEs fixed, but does that teach us anything about their organization’s resilience? Does decreasing critical CVEs greatly reduce breach risk? In principle, the organization is lowering breach risk, but in fact, it’s hard to know. 
To increase cybersecurity resilience, CISA identified exploited vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) initiative was created to reduce breaches rather than theoretical risk. CISA strongly urges businesses to constantly evaluate and prioritize remediation of the Known Exploited Vulnerabilities catalog. By updating its list, CISA hopes to give an “authoritative source of vulnerabilities that have been exploited in the wild” and help firms mitigate risks to stay ahead of cyberattacks.
CISA has narrowed the list of CVEs security teams should remediate from tens-of-thousands to just over 1,000 by focusing on vulnerabilities that: 
Have been assigned a CVE ID and have been actively exploited in the wild.
Have a clear fix, like a vendor update.
This limitation in scope allows overworked vulnerability management teams to extensively investigate software in their environment that has been reported to contain actively exploitable vulnerabilities, which are the most likely breach origins. 
Rethinking vulnerability management to prioritize risk
With CISA KEV’s narrower list of vulnerabilities driving their workflows, security teams are spending less time patching software (a laborious and low-value task) and more time understanding their organization’s resiliency against these proven attack vectors. Many vulnerability management teams have replaced patching with testing to see if: 
Software in their surroundings can exploit CISA KEV vulnerabilities.
Their compensatory controls identify and prevent breaches. This helps teams analyze the genuine risk to their organization and the value of their security protection investments.
This shift toward testing CISA KEV catalog vulnerabilities shows that organizations are maturing from traditional vulnerability management programs to Gartner-defined Continuous Threat Exposure Management (CTEM) programs that “surface and actively prioritize whatever most threatens your business.” This focus on proven risk instead of theoretical risk helps teams learn new skills and solutions to execute exploits across their enterprise.  
ASM’s role in continuous vulnerability intelligence  
An attack surface management (ASM) solution helps you understand cyber risk with continuous asset discovery and risk prioritization.
Continuous testing, a CTEM pillar, requires programs to “validate how attacks might work and how systems might react” to ensure security resources are focused on the most pressing risks. According to Gartner, “organizations that prioritize based on a continuous threat exposure management program will be three times less likely to suffer a breach.”
CTEM solutions strengthen cybersecurity defenses above typical vulnerability management programs by focusing on the most likely breaches. Stopping breaches is important since their average cost is rising. IBM’s Cost of a Data Breach research shows a 15% increase to USD 4.45 million over three years. As competent resources become scarcer and security budgets tighten, consider giving your teams a narrower emphasis, such as CISA KEV vulnerabilities, and equipping them with tools to test exploitability and assess cybersecurity defense robustness.
Checking exploitable vulnerabilities using IBM Security Randori
IBM Security Randori, an attack surface management solution, finds your external vulnerabilities from an adversarial perspective. It continuously validates an organization’s external attack surface and reports exploitable flaws.
A sophisticated ransomware attack hit Armellini Logistics in December 2019. After the attack, the company recovered fast and decided to be more proactive in prevention. Armellini uses Randori Recon to monitor external risk and update asset and vulnerability management systems as new cloud and SaaS applications launch. Armellini is increasingly leveraging Randori Recon’s target temptation analysis to prioritize vulnerabilities to repair. This understanding has helped the Armellini team lower company risk without affecting business operations.
In addition to managing vulnerabilities, the vulnerability validation feature checks the exploitability of CVEs like CVE-2023-7992, a zero-day vulnerability in Zyxel NAS systems found and reported by IBM X-Force Applied Research. This verification reduces noise and lets clients act on genuine threats and retest to see if mitigation or remediation worked. 
Read more on Govindhtech.com
4 notes · View notes
szepkerekkocka · 8 months
Text
"CVSS is a shitty system"
Case studies on how the CVSS (Common Vulnerability Scoring System) sausage gets made, in a talk by cURL's lead developer.
@muszeresz
5 notes · View notes
gainsec · 2 years
Text
Multiple new CVEs discovered and disclosed! XSS, DoS and a weak password policy!
7 notes · View notes
unichrome · 2 years
Text
Wake up babe the funniest CVE just dropped
5 notes · View notes
attritionorg · 26 days
Text
Thoughts on CISA's "Vulnrichment" Initiative
As many in the vulnerability disclosure ecosystem are now aware, the Cybersecurity & Infrastructure Security Agency (CISA) announced a new program called “Vulnrichment” on LinkedIn yesterday. News about the program spread rapidly via news sites and private companies. In this statement and elsewhere, there are definitely some general questions to be asked out loud since the program is so new. For…
0 notes
techwargr · 2 months
Text
Critical vulnerability in Cisco IMC allows attackers to gain full control (root access)
New Post has been published on https://www.techwar.gr/1060/krisimi-efpatheia-ston-cisco-imc-epitrepei-se-epitithemenous-na-apoktisoun-pliri-elegcho-root-access/
Immediate action is required from network administrators who use Cisco devices, as a serious vulnerability in the Cisco Integrated Management Controller (IMC) could allow a malicious user to gain full control (root access) of sensitive systems.
Cisco is warning of a high-severity vulnerability (CVSS score: 8.8) in the IMC management controller that could be exploited by an attacker with administrator access to execute commands as root and take full control of the device. The vulnerability is due to insufficient validation of user-supplied input, allowing malicious commands to be executed.
Affected products:
Cisco 5000 Series Enterprise Network Compute Systems (ENCS)
Catalyst 8300 Series Edge uCPE
UCS C-Series servers in standalone mode
UCS E-Series servers
5520 and 8540 wireless controllers
Application Policy Infrastructure Controller (APIC) servers
Business Edition 6000 and 7000 appliances
Catalyst Center appliances (formerly DNA Center – DNAC)
Cloud Services Platform (CSP) 5000 Series
Common Services Platform Collector (CSPC) appliances
Connected Mobile Experiences (CMX) appliances
UCS Platform series servers for security and connectivity
Cyber Vision Center appliances
Expressway Series appliances
HyperFlex Edge nodes
HyperFlex nodes in Datacenter mode without Fabric Interconnect (DC-NO-FI)
IEC6400 Edge Compute appliances
IOS XRv 9000 appliances
Meeting Server 1000 appliances
Nexus Dashboard appliances
Prime Infrastructure appliances
Prime Network Registrar Jumpstart appliances
Secure Email Gateways
Secure Email and Web Manager
Secure Endpoint Private Cloud appliances
Secure Firewall Management Center appliances (formerly Firepower Management Center)
Secure Malware Analytics appliances
Secure Network Analytics appliances
Secure Network Server appliances
Secure Web Appliances
Secure Workload Servers
Telemetry Broker appliances
What you should do: Cisco has released software updates that address this vulnerability. Network administrators are advised to update their systems as soon as possible, as there are no workarounds for it.
Read more about this here
0 notes
marcinlis · 3 months
Photo
(via NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | Marcin Lis)
0 notes
reliqus · 3 months
Text
Emerging Threat: Fake CVE Phishing Scams Targeting WordPress Websites
In the ever-evolving landscape of cybersecurity, a new menace has emerged: the proliferation of fake CVE (Common Vulnerabilities and Exposures) phishing scams targeting WordPress websites. These deceptive schemes involve cybercriminals exploiting vulnerabilities within WordPress plugins or themes, leveraging them to propagate phishing emails masquerading as legitimate security updates. Unwary website administrators are lured into clicking on these emails, often leading to the disclosure of sensitive information or the unwitting granting of unauthorized access to their WordPress sites. These attacks not only jeopardize the integrity and security of WordPress websites but also erode user confidence in genuine security communications. Vigilance and verification of any purported security alerts or updates are imperative for website administrators to safeguard their WordPress platforms against this emerging threat.
0 notes
protectmysite · 4 months
Text
This concerns a WordPress plugin that is popular with website administrators: Better Search and Replace. A flaw has been announced that allows a serious intrusion and is considered simple.
Moreover, the flaw is already being exploited: a wave of attacks has begun.
It is therefore urgent to update your WordPress!
More details in the article.
0 notes
sajidamit · 5 months
Text
What Drives Violent Extremism and How to Counter It
Violent extremism, with its roots in complex sociopolitical and economic factors, poses a significant global challenge. Understanding the drivers behind this phenomenon is crucial for developing effective countermeasures. In this article, we explore the key drivers of violent extremism and strategies to counter its growth.
1. Socioeconomic Disparities and Injustice
Addressing Economic Inequities
Violent extremism often finds fertile ground in areas marked by socioeconomic disparities. Strategies should focus on addressing economic inequalities through inclusive economic policies, job creation, and poverty alleviation programs.
2. Political Instability and Governance Issues
Promoting Good Governance
Political instability and governance challenges contribute to the rise of extremism. Effective countermeasures involve promoting good governance, transparency, and the rule of law, fostering stability and reducing the appeal of extremist ideologies.
3. Identity and Alienation
Cultural Integration and Inclusivity
Feelings of alienation and identity crises can drive individuals towards extremism. Counteracting this involves promoting cultural integration, inclusivity, and embracing diversity to foster a sense of belonging and unity.
4. Religious Radicalization
Promoting Interfaith Dialogue
Religious radicalization is a potent driver of violent extremism. Initiatives should focus on promoting interfaith dialogue, religious tolerance, and education to counteract extremist interpretations and narratives.
5. Online Radicalization and Recruitment
Monitoring Online Platforms
The digital age has facilitated the spread of extremist ideologies. Countermeasures involve monitoring online platforms, implementing effective content moderation, and utilizing technology to detect and counter online radicalization efforts.
6. Lack of Education and Awareness
Integrating CVE in Education
A lack of education and awareness can contribute to susceptibility to extremist propaganda. Counteracting this involves integrating Counter Violent Extremism (CVE) education in school curricula, raising public awareness, and fostering critical thinking skills.
7. Social and Cultural Factors
Community Engagement Programs
Community dynamics play a crucial role in extremism. Developing community engagement programs that address social and cultural factors can build resilience against extremist ideologies and behaviors.
8. Economic and Political Exploitation by Extremist Groups
Counteracting Exploitation Tactics
Extremist groups often exploit economic and political grievances. Countermeasures involve addressing underlying issues, disrupting funding sources, and dismantling recruitment networks.
9. Lack of Rehabilitation Programs
Reintegration and Rehabilitation Initiatives
For individuals already radicalized, rehabilitation programs are essential. These initiatives should focus on deradicalization, psychological support, and skill-building to reintegrate individuals into society.
10. International Collaboration and Information Sharing
Global Cooperation
Given the transnational nature of violent extremism, international collaboration is crucial. Strategies should involve sharing intelligence, coordinating efforts, and implementing consistent measures across borders.
Further Reading: What Are the Limitations of CVE Strategies?
Beyond Immediate Solutions
Countering violent extremism is not a quick fix. It requires a long-term commitment to addressing the root causes that fuel it and building resilient communities where diversity is valued and grievances are addressed. Remember, the fight against violent extremism is not just about combating ideologies, it’s about building a world that offers hope, opportunity, and a sense of belonging for all.
A Word on Caution
While understanding the drivers of violent extremism is crucial, it’s important to avoid generalizations or demonizing entire groups of people. Every individual is unique, and their path to extremism is shaped by a complex interplay of personal experiences and social factors. Focusing solely on demonizing ideologies overlooks the need to address the underlying issues that make individuals vulnerable in the first place.
Must Read Blog: What Drives Violent Extremism and How to Counter It
Conclusion
Violent extremism may seem like an insurmountable challenge, but it’s not invincible. By understanding its root causes, promoting critical thinking, building bridges between communities, and fostering a more just and equitable world, we can chip away at its foundations and build a future where violence is not seen as a solution, but a relic of a bygone era. Remember, the fight against extremism is not just about security, it’s about building a world where everyone has a chance to thrive.
0 notes
jpmellojr · 7 months
Text
Don't let CVEs distract you: Shift your AppSec team's focus to malware
Rather than wasting cycles on non-exploitable or remediated security holes, teams should focus on exploitability, and look for compromises including malware and tampering. Here's why. https://jpmellojr.blogspot.com/2023/11/dont-let-cves-distract-you-shift-your.html
0 notes
richardmhicks · 7 months
Text
Always On VPN November 2023 Security Updates
Microsoft has released its security updates for November 2023. For Always On VPN administrators, it’s a light month, with just a single CVE affecting Always On VPN infrastructure. PEAP CVE-2023-36028 addresses a remote code execution (RCE) vulnerability in the Microsoft Protected Extensible Authentication Protocol (PEAP). An attacker could exploit this vulnerability by sending a specially…
0 notes
infosectrain03 · 8 months
Text
The Common Weakness Enumeration (CWE) is a software community project focused on creating a database of software flaws and vulnerabilities. It is a classification system for software risk concerns that can lead to exploits. CWE is operated by the MITRE Group, with cooperation from the National Cyber Security Division and US-CERT. CWE offers over 600 subcategories that cover various types of vulnerabilities and weaknesses.
0 notes
mushroomofficial · 8 months
Text
you come to me, on this, the day of my daughter’s http vulnerability
0 notes
ausetkmt · 8 months
Text
Reuters reports that the Trump regime is implementing a new change to America’s domestic terrorism programs that will officially install religious profiling against Muslims and remove the dangerous white supremacist extremist groups who are responsible for much violence across the United States from the watch lists.
The program, “Countering Violent Extremism,” or CVE, would be changed to “Countering Islamic Extremism” or “Countering Radical Islamic Extremism,” the sources said, and would no longer target groups such as white supremacists who have also carried out bombings and shootings in the United States. Just in the past two years, authorities blamed radical and violent ideologies as the motives for a white supremacist’s shooting rampage inside a historic African-American church in Charleston, South Carolina and Islamist militants for shootings and bombings in California, Florida and New York.
A reporter at ThinkProgress tweeted that eliminating the tracking of America’s homegrown extremists similar to the Ku Klux Klan, certain far-right “patriot” groups and neo-Nazi groups will also eliminate the crucial tracking that the CVE program does to monitor the ranks of these hate-crime gangs and criminal enterprises.
As part of the Republican Party’s efforts to institute Islamophobia into public policy, terrorism will only be referred to as “radical Islam.” This is a clear strategy by the Trump regime that provides false justification to the Muslim ban that affects one of every eight Muslims worldwide from seven countries whose residents have never committed an act of terror on American soil.
Removing the white supremacist and violent extremist groups from federal tracking programs is an obvious power play by the Bannon regime to encourage racial hate and religious discrimination. The Trump regime has already removed the CVE’s previous 5-point counterterrorism strategy page from the State Department’s website, which we recovered via Archive.org.
Strategically, Trump’s efforts to brand terror as something solely Islamic are impractical and extremely unproductive, as Reuters’ report notes:
Hoda Hawa, director of policy for the Muslim Public Affairs Council, said she was told last week by people within DHS that there was a push to refocus the CVE effort from tackling all violent ideology to only Islamist extremism. “That is concerning for us because they are targeting a faith group and casting it under a net of suspicion,” she said. Some Republicans in Congress have long assailed the program as politically correct and ineffective, asserting that singling out and using the term “radical Islam” as the trigger for many violent attacks would help focus deterrence efforts. Others counter that branding the problem as “radical Islam” would only serve to alienate more than three million Americans who practice Islam peacefully. Some proponents of the program fear that rebranding it could make it more difficult for the government to work with Muslims already hesitant to trust the new administration, particularly after Trump issued an executive order last Friday temporarily blocking travel to the United States from seven predominantly Muslim countries.
The fact is, American law enforcement (chart below) has consistently reported that their greatest concern is white supremacists or terrorists like the KKK, neo-nazis and their white supremacy enablers, not extremist groups like al-Qaeda, which has refocused its effort on exploiting the instability in the Middle East and not on Osama bin Laden’s delusions of “global jihad.”
It’s without question that America has reason to be vigilant about ISIS-inspired attacks today, and also to guard steadfastly against another major attack.
Trump’s voters may not have taken him seriously, but now they’ll have to grapple seriously with an energized group of violent, racist groups flourishing openly in America. Trump’s Islamophobic executive orders only play into the hands of extremists like ISIS and help to foster the atmosphere of ostracization and disenfranchisement that serve as breeding grounds for extremist ideologies.
This is just day 13.
1 note · View note
attritionorg · 2 months
Text
MITRE Got Popped; A Bit of Irony and Perspective
I know, “don’t kick someone when they are down”, but I have a history of working on a project that catalogs just such incidents. Yesterday, MITRE announced that they had been compromised by a nation-state actor, but didn’t provide much detail. Bleeping Computer reported that the compromise was due to zero-day vulnerabilities in an Ivanti VPN product (CVE-2023-46805 / CVE-2024-21887). Like MITRE…
0 notes