News – Page 496

Qualys scans Red Hat Enterprise Linux CoreOS on Red Hat OpenShift to reduce risk

Posted on 8 August 2021

From helpnetsecurity.com

Qualys announced it has collaborated with Red Hat to drive greater security for both the container and host operating system for Red Hat OpenShift.

Teaming with Red Hat, Qualys is offering a unique approach providing a containerized Qualys Cloud Agent that extends security to the operating system. The Cloud Agent for Red Hat Enterprise Linux CoreOS on OpenShift combined with the Qualys solution for Container Security provides continuous discovery of packages and vulnerabilities for the complete Red Hat OpenShift stack. Built on the Qualys Cloud Platform, Qualys’ solution seamlessly integrates with customers’ vulnerability management workflows, reporting and metrics to help reduce risk.

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

Posted on 8 August 2021

From cert.bournemouth.ac.uk

Web Application Penetration Testing Checklist – A Detailed Cheat Sheet

Web Application Pentesting is a method of identifying, analyzing and Report the vulnerabilities which are existing in the Web application including buffer overflow, input validation, code Execution, Bypass Authentication, SQL Injection, CSRF, Cross-site scripting in the target web Application which is given for Penetration Testing.

Repeatable Testing and Conduct a serious method One of the Best Method conduct Web Application Penetration Testing for all kind of web application vulnerabilities.

A zero-day RCE in Cisco ADSM has yet to be fixed

Posted on 8 August 2021

From securityaffairs.co

Cisco provided an update on a remote code execution (RCE) vulnerability (CVE-2021-1585) in the Adaptive Security Device Manager (ADSM) Launcher, the IT giant confirmed that the flaw has yet to be addressed.

Cisco Adaptive Security Device Manager (ASDM) provided a local, web-based interface to allow customers to manage Cisco Adaptive Security Appliance (ASA) firewalls and the Cisco AnyConnect Secure Mobility clients.

The vulnerability affects ADSM software versions from releases ‘9.16.1 and earlier.

“A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user’s operating system.

Anatomy of native IIS malware

Posted on 7 August 2021

From welivesecurity.com

ESET researchers have discovered a set of previously undocumented malware families, implemented as malicious extensions for Internet Information Services (IIS) web server software. Targeting both government mailboxes and e-commerce transactions, as well as aiding in malware distribution, this diverse class of threats operates by eavesdropping on and tampering with the server’s communications.

Along with a complete breakdown of the newly discovered families, our new paper, Anatomy of native IIS malware, provides a comprehensive guide to help fellow security researchers and defenders detect, dissect and mitigate this class of server-side threats. In this blogpost, we summarize the findings of the white paper.

SOC Third Defense Phase – Understanding Your Organization Assets

Posted on 7 August 2021

From gbhackers.com

In our first phase, we have seen the basic defense mechanisms which were recommended in organizations.

In our second phase, we have seen the understanding and the importance of the behaviors of modern-day malware to encounter.

In this third phase, we are going to see the importance of understanding your organization assets to provide better security.

Process Dump: Windows reverse-engineering command-line tool

Posted on 7 August 2021

From securityonline.info

Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners, however, when these files are executed they will often unpack or inject a clean version of the malware code in memory. A common task for malware researchers when analyzing malware is to dump this unpacked code back from memory to disk for scanning with AV products or for analysis with static analysis tools such as IDA.

AI Wrote Better Phishing Emails Than Humans in a Recent Test

Posted on 7 August 2021

From wired.com

NATURAL LANGUAGE PROCESSING continues to find its way into unexpected corners. This time, it’s phishing emails. In a small study, researchers found that they could use the deep learning language model GPT-3, along with other AI-as-a-service platforms, to significantly lower the barrier to entry for crafting spearphishing campaigns at a massive scale.

Researchers have long debated whether it would be worth the effort for scammers to train machine learning algorithms that could then generate compelling phishing messages. Mass phishing messages are simple and formulaic, after all, and are already highly effective. Highly targeted and tailored “spearphishing” messages are more labor intensive to compose, though. That’s where NLP may come in surprisingly handy.