Software in Progress
Open source software can be fantastic. I run almost exclusively open software, and have for longer than I care to admit. And although I’m not a serious coder by an …read more Continue reading Software in Progress
Category Archives: progress
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-… Continue reading PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible. About CVE-2024-6327 (and CVE-2024-6096) Telerik Report Server is an enterprise solution for s… Continue reading Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software product. According to WatchTowr Labs researchers, the company has been privately … Continue reading Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
Security researchers have published a proof-of-concept (PoC) exploit that chains together two vulnerabilities (CVE-2024-4358, CVE-2024-1800) to achieve unauthenticated remote code execution on Progress Telerik Report Servers. Telerik Report Server is a… Continue reading PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulnerab… Continue reading PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
Correct bad network behavior to bolster application experience
Legacy hardware-based applications existed happily in isolation, untethered from a network. The thing that really mattered was the speed of the hard drive and having enough memory. Today, even the software running from personal hard drives relies on ot… Continue reading Correct bad network behavior to bolster application experience
Infosec products of the month: October 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, Arcitecta, AuditBoard, BackBox, Cloaked, ComplyCube, Darktrace, Data Theorem, Flexxon, Fortanix, Fortinet, Jumio, LogicMonitor, Malwarebytes, ManageEn… Continue reading Infosec products of the month: October 2023
New infosec products of the week: October 27, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Darktrace, Data Theorem, Jumio, Malwarebytes, Progress, and Wazuh. Progress Flowmon ADS 12.2 AI offers advanced security event monitoring Flowmon ADS 12.2 harnes… Continue reading New infosec products of the week: October 27, 2023
Progress Flowmon ADS 12.2 AI offers advanced security event monitoring
Progress has unveiled the latest release of its network anomaly detection system, Progress Flowmon ADS. Flowmon ADS 12.2 harnesses the power of artificial intelligence (AI) to provide an advanced and holistic view of detected security events, empowerin… Continue reading Progress Flowmon ADS 12.2 AI offers advanced security event monitoring