Articles about vulnerability

Industrial control system (ICS) vulnerability disclosures are increasing as recent high-profile cyberattacks on critical infrastructure and industrial enterprises have made ICS security a mainstream issue.

The latest biannual ICS Risk & Vulnerability Report released today by Claroty shows a 41 percent increase in ICS vulnerabilities disclosed in the first half of 2021 compared to the previous six months, which is particularly significant given that in all of 2020 they increased by 25 percent from 2019 and 33 percent from 2018.

Continue reading →

After a slump during the pandemic, vulnerability disclosures are once again showing growth according to the latest Vulnerability QuickView Report from Risk Based Security's VulnDB team.

The report shows 12,723 vulnerabilities disclosed during the first half of 2021 and the vulnerability disclosure landscape saw a growth of 2.8 percent compared to the same period in 2020.

Continue reading →

There are lots of good reasons for moving industrial control systems to the cloud including better telemetry and analysis of device performance, management of logic and remote device configuration, improved diagnostics and troubleshooting, a centralized view of processes.

But as more operational technology and lCS make the move, they become increasingly vulnerable to threats. ICS security specialist Claroty has unveiled its new Team82 research arm along with a report on critical vulnerabilities found in cloud-based management platforms for ICS.

Continue reading →

Security researchers from Eclypsium have discovered a total of four vulnerabilities in Dell's SupportAssist software. As the software is pre-installed on the majority of Dell machines running Windows, millions of systems are at risk of remote attack.

Eclypsium says that a total of 129 Dell models are affected by the security issues. The chain of vulnerabilities that leaves systems open to attack has a cumulative CVSS score of 8.3 (High) and there is a warning that they "pose significant risks to the integrity of Dell devices".

Continue reading →

In 2020 we saw a huge shift to remote working, with VPN often the technology of choice for keeping connections secure.

But a new Network Security Report from SpiderLabs at Trustwave reveals that this trend didn't go unnoticed by cybercriminals, with malicious actors targeting unpatched VPN vulnerabilities more frequently.

Continue reading →

A new study shows that 81 percent of development teams have knowingly pushed vulnerable code live, with 20 percent of senior managers even admitting to doing so often.

The report from Immersive Labs based on work by Osterman Research shows low confidence in application security in general, with only half of CISOs believing secure applications could be developed and just 44 percent of all security teams believing their company could withstand a SolarWinds style attack on their build environment.

Continue reading →

Despite a sharp decrease of 19.2 percent observed earlier in the year, vulnerability disclosures in 2020 are expected to exceed 2019's level according to Risk Based Security.

The company's VulnDB team aggregated 23,269 vulnerabilities disclosed during 2020. Despite the initial disruption from COVID-19, the trend of total number of vulnerabilities suggests that business operations and routines have normalized as the gap has closed to 0.98 percent.

Continue reading →

Security researchers have revealed details of a vulnerability in Sudo that could be exploited by an attacker to gain root privileges on a wide range of Linux-based systems.

News of the security flaw was shared by Qualys, and it has been described as "perhaps the most significant sudo vulnerability in recent memory". Worryingly, the heap-based buffer overflow bug has existed for almost a decade. It is known as Baron Samedit, tracked as CVE-2021-3156, and affects various versions of Sudo.

Continue reading →

A security researcher has revealed details of a strange bug that could result in an NTFS hard drive becoming corrupt in Windows 10, as well as the unsupported Windows XP. What makes the bug so serious and unusual is that it can be triggered without the user having to open a file.

The bug -- which has been shown to have been around for three years or so -- can cause a hard drive to be corrupted if a user simply views the contents of a folder that includes a specially crafted file. Although Microsoft is aware of the issue affecting the $i30 NTFS attribute, a fix has yet to be produced.

Continue reading →

The latest report from Risk Based Security reveals that the number of vulnerability disclosures this year is back on track to reach or surpass 2019 after a decline in the first quarter.

Earlier in the year there had been a sharp decline of 19.2 percent in the number of vulnerabilities disclosed. But on the latest figures Risk Based Security's VulnDB team aggregated 17,129 vulnerabilities disclosed during the first three quarters of 2020, marking a mere 4.6 percent gap when compared to last year.

Continue reading →

Virtual appliances are an inexpensive and relatively easy way for software vendors to distribute their wares for customers to deploy in public and private cloud environments, but new research shows appliances often have exploitable and fixable vulnerabilities, or are running on outdated or unsupported operating systems.

The Orca Security research study found 401,571 total vulnerabilities in scanning 2,218 virtual appliance images from 540 software vendors. This means less than eight percent of virtual appliances were free of known vulnerabilities.

Continue reading →

With 11,121 vulnerabilities disclosed during the first half of 2020, as the year progresses the total is expected to exceed that of 2019.

Although the number of vulnerabilities disclosed in the first half of 2020 decreased by 8.2 percent compared to the same period in 2019 due to the impact of COVID-19, but the Q2 vulnerability report from Risk Based Security does suggest some signs of a return to 'normal' levels.

Continue reading →

If you’re at all familiar with genealogy then you'll likely know both Ancestry and Family Tree Maker -- they an integral part of the pastime. Unfortunately, independent review site WizCase recently discovered an open and unencrypted ElasticSearch server that belonged to Software MacKiev, the owners of Family Tree Maker.

The leak exposed thousands of records including email addresses, user locations, and other sensitive personal information. FTM was owned by Ancestry.com until 2016 when Software MacKiev took it over, and the software is still used to upload databases to the Ancestry online trees.

Continue reading →

Researchers at Check Point have been working with Zoom to to fix a security issue that would have allowed hackers to manipulate organizations’ customizable Zoom 'Vanity URLs'.

The vulnerability would allow attackers to send legitimate-looking meeting invitations, with the aim of inserting malware and stealing data or credentials from unsuspecting victims.

Continue reading →

As part of this month's Patch Tuesday, Microsoft has issued a fix for a 17-year-old Windows DNS Server vulnerability. Known as SIGRed and tracked as CVE-2020-1350, the flaw is a serious one that has been assigned a CVSS base score of 10.0.

The vulnerability affects all version of Windows Server and is a wormable remote code execution flaw that requires no user interaction. In addition to issuing a critical patch, Microsoft has also provided details of a workaround for anyone who is unable to deploy the fix immediately

Continue reading →