HelpSystems acquires Beyond Security to expand cyber protection portfolio

Beyond Security’s cloud-based products enable hundreds of organizations to easily scan their growing, complex environments for network or application vulnerabilities. The team and solutions from Beyond Security will fit into HelpSystems’ popular infras…

D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws

Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running the same firmware.

D-Link routers vulnerable to remotely exploitable root command injection flaw

The Digital Defense Vulnerability Research Team uncovered a previously undisclosed vulnerability affecting D-Link VPN routers. D-Link DSR-150, DSR-250, DSR-500 and DSR-1000AC VPN routers running firmware versions 3.14 and 3.17 are vulnerable to a remote…

cPanel 2FA bypass vulnerability can be exploited through brute force

A two-factor authentication (2FA) bypass vulnerability affecting the popular cPanel & WHM software suite may allow attackers to access secured accounts, Digital Defense researchers have found. The vulnerability was patched last week and, by n…

Digital Defense and UTSA partnership to further enrich the students’ cybersecurity education

Digital Defense and The University of Texas at San Antonio (UTSA) Department of Computer Science jointly announced a partnership that will provide students and faculty with access to an award-winning cloud-based information security platform to further…

Critical ManageEngine vulns affect majority of Fortune 500 companies

A new set of vulnerabilities in a network management tool used by nearly two-thirds of Fortune 500 companies is the latest example of how high-consequence IT software can serve as a launching pad for bigger breaches. Five vulnerabilities in the ManageEngine Applications Manager and one in the Event Log Analyzer were disclosed this week by cybersecurity firm Digital Defense, Inc. Digital Defense has worked with ManageEngine’s vendor, Zoho, on mitigating the vulnerabilities. The flaws have not yet been assigned a number in the CVE list, but some are likely to be rated critical, since they would allow an attacker to remotely take total control of an affected system. The vulnerability disclosures were reviewed for CyberScoop by security firm Tenable. “These are bona fide vulnerabilities,” said Tom Parsons, Tenable’s director of product management. “They would provide a good beach-head” for an attacker, because a software package like an application monitor “provides broad […]

The post Critical ManageEngine vulns affect majority of Fortune 500 companies appeared first on Cyberscoop.

Flaws in ManageEngine apps opens enterprise systems to compromise

Researchers have discovered multiple severe vulnerabilities in ManageEngine’s line of tools for internal IT support teams, which are used by over half of Fortune 500 companies. About the vulnerabilities The first flaw affects EventLog Analyzer 11…

Multiple zero-day vulnerabilities found in ManageEngine products

Digital Defense uncovered multiple, previously undisclosed vulnerabilities within several Zoho ManageEngine products. ManageEngine offers more than 90 tools to help manage IT operations, including networks, servers, applications, service desk, Active D…

Avaya Patches Remote Code Execution Flaw in Aura

Avaya released a patch last week for a remote code execution vulnerability in its Avaya Aura Application Enablement Services software.