Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th.In-The-Wild & Disclosed CVEsCVE-2021-1732A vulnerability in Win32k that allows for privilege escalation has been exploited in the wild. The Cybersecurity and Infra

Tripwire’s January 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Dnsmasq and Oracle.First on the patch priority list this month are patches for Dnsmasq related to the seven so-called “DNSpooq” vulnerabilities. Dnsmasq is an open-source DNS forwarding application, and systems using this software sh

Tripwire‘s December 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Pulse Secure, and Oracle.First on the patch priority list this month are two vulnerabilities that have recently been included within the Metasploit exploit framework. One is a vulnerability in Pulse Secure Desktop Client and the other is a vuln

It’s been a little while since we last reviewed a book, but a lot of my team has been spending time with Ghidra this year. Craig Young taught a course on the subject, and I’ve used it with my students at Fanshawe College in their Malware Analysis course. Given our fascination with Ghidra, reviewing The Ghidra Book: The Definitive Guide by Chris Eagle and Kar

Vulnerability DescriptionThe United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software [1]. The attacks have been ongoing since at least March 2020 and CISA

Today’s VERT Alert addresses Microsoft’s December 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-918 on Wednesday, December 9th.In-The-Wild & Disclosed CVEsThere are no In-The-Wild or Disclosed CVEs patched this month.CVE Breakdown by TagWhile historical Microsoft Security Bulletin groupings

Tripwire‘s November 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Oracle.First on the patch priority list this month are three vulnerabilities in Oracle WebLogic Server that have recently been included within the Metasploit exploit framework. Supported versions of Oracle WebLogic Server that are af

Today’s VERT Alert addresses Microsoft’s November 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-915 on Wednesday, November 11th. Note: Microsoft has changed their advisory format and no longer provides basic vulnerability descriptions.In-The-Wild & Disclosed CVEsCVE-2020-17087This CVE descr

Tripwire‘s October 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, Adobe, and Oracle.First on the patch priority list this month is a very high priority vulnerability in Oracle WebLogic Server. The vulnerability is within the Console component of Oracle WebLogic Server, and it can be exploited without au

A WebLogic server vulnerability fixed by the October CPU has come under active exploitation after a Vietnamese language blog post detailed the steps needed to bypass authentication and achieve remote code execution on unpatched systems. Although there have been a series of actively exploited WebLogic deserialization bugs, the exploit payload in this case imm

Vulnerability DescriptionTripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability exists within the HTTP/HTTPS service used for product management as well as SSL VPN remote access.Exposure and Im

Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th.In-The-Wild & Disclosed CVEsCVE-2020-16938This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose informatio

Tripwire‘s September 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, and various Linux distributions.Up first on the patch priority list this month is a very high priority vulnerability, which is called “Zerologon” and identified by CVE-2020-1472. It is an elevation of privilege vulnerability

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th.In-The-Wild & Disclosed CVEsThere were no in-the-wild or disclosed CVEs included in this month’s security guidance.CVE Breakdown by TagWhile historical Microsoft

Tripwire‘s August 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Apple.Up first on the patch priority list this month are patches for Microsoft and Apple for vulnerabilities that have been integrated into various exploits. Metasploit has recently added exploits for Microsoft .NET Framework, SharePoi