Foxit Patches Code Execution Vulnerabilities in PDF Software
The Chinese software company’s tools allow users to create and edit PDF files, as well as secure them when necessary. Foxit also offers products under a freemium licensing model. Last week, the company released security updates for both Foxit PhantomPDF Mac and Foxit Reader Mac, to address a vulnerability that could result in code injection…
Microsoft Publishes Guide to Securing Systems Vulnerable to Zerologon Attacks
Addressed on August 2020 Patch Tuesday, the flaw was identified in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and can be abused by remote attackers to compromise Active Directory domain controllers and gain administrator access. To exploit the flaw, which is tracked as CVE-2020-1472, an unauthenticated attacker would need to run a specially crafted application…
Offensive Security releases Win-KeX 2.0, packed with new features
Win-KeX provides a Kali Desktop Experience for Windows Subsystem for Linux (WSL 2), and version 2.0 comes with useful features. Win-KeX 2.0 features Win-KeX SL (Seamless Edition) – no more borders Sound support Multi-session support KeX sessions can be run as root Able to launch “kex” from anywhere – no more cd-ing into the Kali…
Securing Microsoft Teams: The options are limited
As more remote work from home happens, your collaboration tools need more scrutiny. A popular choice for instant messaging and video conferencing is Microsoft’s Teams, and securing this application will be a challenge. Teams already has had one major exploit that would allow a malicious actor to use the Microsoft Teams Updater to download any…
How to optimize Windows event logging to better investigate attacks
After a compromise, the first thing investigators will do is review the log files. The default logging on Windows machines, however, does not capture enough information to identify forensic artifacts. You can adjust your logging settings to get enough information to investigate attacks. First, download and install Sysmon on outward-facing machines. Sysmon remains resident across…
FBI, NSA Share Details on New ‘Drovorub’ Linux Malware Used by Russia
Drovorub, a joint advisory from the NSA and the FBI reveals, is being employed by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165, which is better known as the cyber-espionage group APT 28 (Fancy Bear, Pawn Storm, Strontium, Sednit, Tsar Team). APT 28 is believed to…
Cisco fixes critical flaws in data center and SD-WAN solutions
Cisco has released another batch of critical security updates for flaws in Cisco Data Center Network Manager (DCMN) and the Cisco SD-WAN Solution software. Cisco Data Center Network Manager flaws Cisco Data Center Network Manager is the network management platform for all NX-OS-enabled deployments, spanning new fabric architectures, IP Fabric for Media, and storage networking…
Businesses are preparing for a cloud-based approach to applications
While most enterprises are committed to modernizing their application software portfolios, there are still myriad challenges to overcome and improvements to be made, according to a survey conducted by Hanover Research. According to the report, application development functions have a full agenda for the next 12 months, with the majority seeking improvements in speed, quality…
Latest Microsoft Windows security update options explained
The need to manage patching on home machines that have no Group Policy, Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM) control means that you may be looking for alternatives. Employees’ personal machines might run Windows 10 Home version, which has limited ability to control updates. With corporate-owned machines you have more…
CyberStrong platform updates allow customers to dynamically manage their risk posture
CyberSaint announced new updates to its flagship CyberStrong platform allowing customers to identify, measure, and dynamically manage IT and cybersecurity risks along the risk management lifecycle. These updates reinforce CyberSaint’s mission to enable organizations to manage cybersecurity as a business function by enabling agility, measurement, and automation across risk, compliance, audit, vendor, and governance functions…