Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

While it initially seemed that protecting Palo Alto Networks firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device teleme…

MOVEit Transfer zero-day attacks: The latest info

There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – patches and helpful instructions for customers. The MOVEit Transfer zero-day and …

‘War Dialing’ Tool Exposes Zoom’s Password Problems

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t belong. And according to data gathered by a new automated Zoom meeting discovery tool dubbed “zWarDial,” a crazy number of major corporations are setting up meetings without passwords enabled.

You’ve Been Hacked! Now What?

In episode 110: Tyler Hudak, Incident Response Practice Lead at TrustedSec, joins us to talk about what you should do (and more importantly what you shouldn’t do) if you find out you’ve been hacked!

IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781

Citrix and FireEye have teamed up to provide sysadmins with an IoC scanner that shows whether a Citrix ADC, Gateway or SD-WAN WANOP appliance has been compromised via CVE-2019-19781.

Finding evidence of compromise: By now it should be widely known that …

First patches for the Citrix ADC, Gateway RCE flaw released

As attackers continue to hit vulnerable Citrix (formerly Netscaler) ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to provide them for other versions and for two older versions of SD-WAN WANOP by J…

Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing

With several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a field day. Do you use Citrix’s Application Delivery Controller (ADC) or Ga…

LokiBot, Anonymous, & Oracle – Hack Naked News #224

This week, cryptomining malware that launches Linux VMs on Windows and macOS, Oracle patches another actively exploited WebLogic 0-day, LokiBot and NanoCore malware distributed in ISO image files, and an anonymous hacker that was exposed after dropp…

Dave Kennedy, TrustedSec – Business Security Weekly #116

We welcome David Kennedy, founder and CEO at TrustedSec, to discuss “Investing in the right technology and resources”! To learn more about TrustedSec, visit: https://www.securityweekly.com/trustedsec

Group Discussion: Penetration Testing – Enterprise Security Weekly #94

Paul and John welcome Adrian Sanabria, Director of Research for Savage Security; Dave Kennedy, Founder of TrustedSec, Binary Defense, and DerbyCon; and Security Weekly’s very own Jeff Man! Paul and John have a group discussion with Adrian, Jeff, …