If you want just to see how to find HAFNIUM Exchange Zero-Day Activity, skip down to the “detections” sections. Otherwise, read on for a quick breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
One of our missions at Snyk is a simple one: help developers fix things easily. We further our mission by releasing features and improvements as quickly as possible, but it’s also just as important that developers have an experience which helps them gain as much value from Snyk as possible. This includes being able to quickly understand what needs to be fixed, and making that task incredibly easy.
It is imperative for any national security agency to diagnose, identify, and address the possible vulnerabilities within their defence system to avert exploitation of the nation’s security.
Considering the continuous increase in cybersecurity attacks targeting large organizations over the past few years and regulations like PCI DSS, HIPAA, NIST 800-731 – to name a few – it’s no surprise that enterprise investment in vulnerability management is on the rise. Detecting, prioritizing, and remediating security vulnerabilities in today’s rapidly evolving threat landscape is no small feat.
When it comes to securing your applications, it’s not unusual to only consider the risks from your first-party code. But if you’re solely considering your own code, then your attack surface is likely bigger than you think. Our recent State of Software Security report found that 97 percent of the typical Java application is made up of open source libraries. That means your attack surface is exponentially larger than just the code written in-house.
Find out how the additions of threat intelligence-led exploit database will enhance and affect your vulnerability management findings in Outpost24.
XML External Entities (XXE or XML injection) is #4 in the current OWASP Top Ten Most Critical Web Application Security Risks.
I recently discovered that all versions of Windows Server 2012 (but not Server 2012 R2) are affected by a DLL hijacking vulnerability that can be exploited for privilege escalation. Moreover, the flaw can be triggered by a regular user and does not require a system reboot. Sounds like a pretty big deal, right? Well, not according to Microsoft, unfortunately.
Every week, our global community of hand-picked Detectify Crowdsource ethical hackers submit new vulnerabilities that we make available to our users as automated security tests. In the new series Vuln of the Month, we deep-dive into an especially interesting vulnerability that was added to our scanner in the past month. First up: CVE-2020-10148, SolarWinds Orion Authentication Bypass. In January, Detectify added a security test for CVE-2020-10148, SolarWinds Orion Authentication Bypass.
Sensitive data exposure is #3 in the current OWASP top Ten Most Critical Web Application Security Risks.
