HackDig : Dig high-quality web security articles for hackers

VERT Threat Alert: November 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s November 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-915 on Wednesday, November 11th. Note: Microsoft has changed their advisory format and no longer provides basic vulnerability descriptions.In-The-Wild & Disclosed CVEsCVE-2020-17087This CVE descr
Publish At:2020-11-10 19:49 | Read:230 | Comments:0 | Tags:VERT VERT News Vulnerability Management

Tripwire Patch Priority Index for October 2020

Tripwire‘s October 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, Adobe, and Oracle.First on the patch priority list this month is a very high priority vulnerability in Oracle WebLogic Server. The vulnerability is within the Console component of Oracle WebLogic Server, and it can be exploited without au
Publish At:2020-11-03 08:25 | Read:96 | Comments:0 | Tags:Featured Articles VERT Adobe Apple microsoft Oracle patch pr

A WebLogic Vulnerability Highlights the Path-Based Authorization Dilemma

A WebLogic server vulnerability fixed by the October CPU has come under active exploitation after a Vietnamese language blog post detailed the steps needed to bypass authentication and achieve remote code execution on unpatched systems. Although there have been a series of actively exploited WebLogic deserialization bugs, the exploit payload in this case imm
Publish At:2020-11-02 12:55 | Read:152 | Comments:0 | Tags:VERT Authentication exploits vulnerability WebLogic Vulnerab

SonicWall VPN Portal Critical Flaw (CVE-2020-5135)

Vulnerability DescriptionTripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability exists within the HTTP/HTTPS service used for product management as well as SSL VPN remote access.Exposure and Im
Publish At:2020-10-14 06:00 | Read:246 | Comments:0 | Tags:VERT SonicWall Tripwire VERT

VERT Threat Alert: October 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th.In-The-Wild & Disclosed CVEsCVE-2020-16938This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose informatio
Publish At:2020-10-13 21:01 | Read:291 | Comments:0 | Tags:VERT VERT News Vulnerability Management

Tripwire Patch Priority Index for September 2020

Tripwire‘s September 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, and various Linux distributions.Up first on the patch priority list this month is a very high priority vulnerability, which is called “Zerologon” and identified by CVE-2020-1472. It is an elevation of privilege vulnerability
Publish At:2020-10-05 02:49 | Read:632 | Comments:0 | Tags:Featured Articles VERT Apple Linux microsoft patch priority

VERT Threat Alert: September 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th.In-The-Wild & Disclosed CVEsThere were no in-the-wild or disclosed CVEs included in this month’s security guidance.CVE Breakdown by TagWhile historical Microsoft
Publish At:2020-09-08 23:35 | Read:476 | Comments:0 | Tags:Featured Articles VERT VERT News Vulnerability Management

Tripwire Patch Priority Index for August 2020

Tripwire‘s August 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Apple.Up first on the patch priority list this month are patches for Microsoft and Apple for vulnerabilities that have been integrated into various exploits. Metasploit has recently added exploits for Microsoft .NET Framework, SharePoi
Publish At:2020-09-01 01:57 | Read:681 | Comments:0 | Tags:Featured Articles VERT Adobe Apple critical vulnerability mi

VERT Threat Alert: August 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s August 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-899 on Wednesday, August 12th.In-The-Wild & Disclosed CVEsCVE-2020-1464A vulnerability exists in the way that Windows validates file signatures. An attacker could load improperly signed files by by
Publish At:2020-08-11 18:23 | Read:529 | Comments:0 | Tags:VERT VERT News

Tripwire Patch Priority Index for July 2020

Tripwire’s July 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, F5 Networks, Cisco, and Oracle.Up first on the patch priority list this month are patches for F5 Networks and Cisco for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for F5 Networks’ B
Publish At:2020-08-03 08:24 | Read:491 | Comments:0 | Tags:Featured Articles VERT Cisco critical vulnerability F5 Netwo

VERT Threat Alert: July 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s July 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-895 on Wednesday, July 15th.In-The-Wild & Disclosed CVEs CVE-2020-1463A vulnerability in the SharedStream Library could allow a locally authenticated attacker to run a malicious application in order
Publish At:2020-07-14 18:20 | Read:505 | Comments:0 | Tags:VERT

Checking the Windows Store for Patching the Codecs Library Vulnerability

What is the Windows Store?The Windows Store is a digital platform that allows for the distribution of applications. This platform offers both free and paid. Users use the Window Store to install applications that are of interest to them.Can you disable the Windows Store?Windows Store can be disabled via group policy to prevent users from installing applicati
Publish At:2020-07-02 19:42 | Read:537 | Comments:0 | Tags:VERT Vulnerability

VERT Threat Alert: June 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s June 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-888 on Wednesday, June 10th.In-The-Wild & Disclosed CVEsNone of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft.CVE Breakdown by TagWhile hist
Publish At:2020-06-09 19:37 | Read:584 | Comments:0 | Tags:VERT

Tripwire Patch Priority Index for May 2020

Tripwire’s May 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, SaltStack, and VMware.Up first on the patch priority list this month are patches for VMware vCenter Server and SaltStack Salt. The Metasploit exploit framework has recently integrated exploits for VMware vCenter Server (CVE-2020-3952) and Sal
Publish At:2020-05-31 23:20 | Read:667 | Comments:0 | Tags:Featured Articles VERT microsoft Priority Patch Index vulner

VERT Threat Alert: May 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s May 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-884 on Wednesday, May 13th.In-The-Wild & Disclosed CVEsNone of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft.CVE Breakdown by TagWhile histor
Publish At:2020-05-24 10:03 | Read:656 | Comments:0 | Tags:VERT

Tools

Keywords