software vulnerability – WindowsTechs.com

X-Force releases detection & response framework for managed file transfer software

Posted on August 9, 2023 by John Dwyer

How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response […]

The post X-Force releases detection & response framework for managed file transfer software appeared first on Security Intelligence.

Continue reading X-Force releases detection & response framework for managed file transfer software→

Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism

Posted on December 13, 2022 by Chris Thompson

In September 2022, Microsoft patched an information disclosure vulnerability in SPNEGO NEGOEX (CVE-2022-37958). On December 13, Microsoft reclassified the vulnerability as “Critical” severity after IBM Security X-Force Red Security Researcher Valentina Palmiotti discovered the vulnerability could allow attackers to remotely execute code. The vulnerability is in the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism, which allows […]

The post Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism appeared first on Security Intelligence.

Continue reading Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism→

IOCs vs. IOAs — How to Effectively Leverage Indicators

Posted on March 16, 2022 by Shawn Hedrick

Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs) and indicators of attack (IOAs) for an effective monitoring, detection and response strategy. Inexperienced security […]

The post IOCs vs. IOAs — How to Effectively Leverage Indicators appeared first on Security Intelligence.

Continue reading IOCs vs. IOAs — How to Effectively Leverage Indicators→

IOCs vs. IOAs — How to Effectively Leverage Indicators

Posted on March 16, 2022 by Shawn Hedrick

The post IOCs vs. IOAs — How to Effectively Leverage Indicators appeared first on Security Intelligence.

Continue reading IOCs vs. IOAs — How to Effectively Leverage Indicators→

93% of Organizations Have Network Vulnerabilities: Here’s How to Beat the Odds

Posted on March 14, 2022 by Josh Nadeau

Cybersecurity is an ongoing battle, and the latest figures from penetration testers prove that the fight is far from over. According to Positive Technologies, 93% of all networks are open to breaches due to common vulnerabilities. However, there are proactive steps business owners can take to stay on the right side of that ratio. Take […]

The post 93% of Organizations Have Network Vulnerabilities: Here’s How to Beat the Odds appeared first on Security Intelligence.

Continue reading 93% of Organizations Have Network Vulnerabilities: Here’s How to Beat the Odds→

When it Comes to Stopping IoT Security Camera Breaches, Focus on Procurement

Posted on January 28, 2022 by David Bisson

Earlier this year, an enterprise security camera system maker suffered a data breach. The incident, which involved the compromise of a Jenkins server, enabled a group of attackers to bypass the company’s authorization system, including its two-factor authentication processes. Those responsible for the compromise then abused their access to release the photos and videos of […]

The post When it Comes to Stopping IoT Security Camera Breaches, Focus on Procurement appeared first on Security Intelligence.

Continue reading When it Comes to Stopping IoT Security Camera Breaches, Focus on Procurement→

Nation State Threat Group Targets Airline with Aclip Backdoor

Posted on December 15, 2021 by Melissa Frydrych

In March 2021, IBM Security X-Force observed an attack on an Asian airline that we assess was likely compromised by a state-sponsored adversary using a new backdoor that utilizes Slack. The adversary leveraged free workspaces on Slack, a legitimate messaging and collaboration application likely to obfuscate operational communications, allowing malicious traffic, or traffic with underlying […]

The post Nation State Threat Group Targets Airline with Aclip Backdoor appeared first on Security Intelligence.

Continue reading Nation State Threat Group Targets Airline with Aclip Backdoor→

Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform

Posted on November 16, 2021 by Mostafa Soliman

In an age where organizations have established a direct dependence on software to run critical business operations, it’s fundamental that they are evaluating their software development lifecycles and that of their extended environment — third-party partners — against the same standards. Concerns around vulnerability management are gaining more government attention around the world in order […]

The post Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform appeared first on Security Intelligence.

Continue reading Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform→

Why Containers in the Cloud Can Be An Attacker’s Paradise

Posted on October 27, 2021 by Scott Wilson

Containers — which are lightweight software packages that include entire runtime environments — have solved the issues of portability, compatibility and rapid, controlled deployment. Containers include an application; all its dependencies, libraries and other binaries; and configuration files needed to run them. Heralding the era of microservices, Infrastructure as Code and service-oriented architectures (SOA), containers […]

The post Why Containers in the Cloud Can Be An Attacker’s Paradise appeared first on Security Intelligence.

Continue reading Why Containers in the Cloud Can Be An Attacker’s Paradise→

Spend Wisely (Not Just More) to Become Cyber Resilient

Posted on August 6, 2021 by Mike Elgan

Spending on cybersecurity is hitting record highs. And that makes sense. Because of big changes in how work gets done (plus the rising cost of breaches and attacks, like ransomware), companies are spending more than ever. But simply throwing money at the problem in order to try to become more cyber resilient is not a […]

The post Spend Wisely (Not Just More) to Become Cyber Resilient appeared first on Security Intelligence.

Continue reading Spend Wisely (Not Just More) to Become Cyber Resilient→