Collaborate Disseminate
Windows has offered the ability to download updates from machines in the local network for some time. My gut feeling tells me this would be a great attack vector for Windows security vulnerabilites.
Have there been security vulnerabilites … Continue reading Security vulnerabilites in Windows updates from local network
I’m trying to update the Ubuntu OpenSSH version to 9.3p2, because of the CVE-2023-38408 vulnerability, but I can’t.
The recomendation is update to last version: https://ubuntu.com/security/CVE-2023-38408
I am running the following command:… Continue reading How to update Ubuntu SSH version to latest version [closed]
The environment: A landscape of 4500+ endpoints connected to a corporate network, of which most but not all devices are Windows Desktop devices. The devices are managed by a local / on-prem AD NOT Azure. The devices are not managed by Offi… Continue reading Best solution for enterprise endpoint patch management [migrated]
I recently created a Windows 10 installation stick via the official media creation tool. Presumably, there was no malware on my host system on which I created the stick. It’s a pretty fresh install as well, and was only used shortly on my … Continue reading Windows Update installs yandex.ru browser hijacker
I have a custom Debian router installation which I’m trying to keep both secure and low-maintenance. I’ve therefore set some scripts which keep my Docker containers, blocklists, and OS (security updates only) actual by checking for updates… Continue reading Security Implications of Automatic Updates?
I am connecting to a wi-fi network and blocked all IP addresses in this network with a regular Windows 10 firewall. The only available IP addresses are:
192.168.1.1 = gateway
192.168.1.102 = my own IP address
Some people from the wi-fi s… Continue reading Windows 10 Update – Man In The Middle Attack – Tamper Update [duplicate]
Developers update their software, sometimes they patch vulnerabilities.
Is it realistically possible to analyze the updated code (even if it’s closed source) to find the vulnerability that has been fixed (and still exist on all unpatched v… Continue reading Analyze fixed vulnerabilities in software updates
I have a Linux server that hosts an internal web server (apache) and database (MySQL).
I would like to know what’s the best option to update the packages (ex: web server) knowing that this server does not have Internet access (but could ha… Continue reading How companies update their packages on Linux server that do not have access to Internet? [migrated]
Frequently, I’ve noticed that motherboard manufacturers recommend against installing/upgrading BIOS updates unless there’s some kind of issue you are encountering. The warning usually comes in the form as the following (taken from a Superm… Continue reading Why are BIOS updates discouraged if they provide security improvements?
Within a DevSecOps Ci/Cd pipeline, one of the best practices is to automatically discover and apply patches to vulnerable software prior to deployment.
Is it possible to check a CVE database, find patches, and then deploy? I want to build … Continue reading How do you build in the capability to automate the ability to discover and apply security patches in your ci/cd pipeline?