RF Wave’s Post

SolarWinds fixes 8 critical bugs in access rights audit software https://lnkd.in/gJaZkRBA #Infosec #Security #Cybersecurity #CeptBiro #SolarWinds #Fix #CriticalBugs #AccessRights #AuditSoftware

SolarWinds fixes 8 critical bugs in access rights audit software https://lnkd.in/eTFk94kG #Infosec #Security #Cybersecurity #CeptBiro #SolarWinds #Fix #CriticalBugs #AccessRights #AuditSoftware

#SolarWinds has fixed eight #critical vulnerabilities in its Access Rights Manager (ARM) software, six of which allowed attackers to gain remote code execution (RCE) on vulnerable devices. Access Rights Manager is a critical tool in enterprise environments that helps admins manage and audit access rights across their organization's IT infrastructure to minimize threat impact. #cybersecurity #vulnerability #patch

SUMMARY: SolarWinds has addressed eight critical vulnerabilities in their Access Rights Audit software to enhance the security of their network monitoring platform. MAIN POINTS: - SolarWinds identified and fixed eight serious vulnerabilities within their Access Rights Audit software. - The vulnerabilities had the potential to be exploited by unauthorized users to gain elevated privileges. - SolarWinds has advised users to update to the latest version to ensure security. TAKEAWAYS: - Updating to the latest software version is crucial for maintaining security. - Unauthorized access vulnerabilities can lead to significant security risks. - Continuous monitoring and patching are essential for robust cybersecurity management. #SolarWinds #softwareupdate #cybersecuritynews

Out of the 15 most heavily exploited vulnerabilities in 2023, guess how many were in open source software? The answer shouldn't be surprising but I'd guess that it will be to some. Just one - Log4Shell. By LOC, usage, any metric you can think of OSS is dramatically more secure than any alternatives. The gap comes in organizational awareness (inventory management) and upgrade cycles. OSS is so easy to use that it can get deployed and forgotten about inside large organizations. No software is perfect, and everything needs to be patched eventually. https://lnkd.in/ewSd6nsV #oss #vulnerabilitymanagement #opensource #cybersecurity

⚠️ Windows Downgrade Attack: New Vulnerability Threatens System Security ⚠️ A newly identified Windows Downgrade Attack vulnerability allows attackers to exploit system downgrade mechanisms to bypass security updates and access older, less secure software versions. By forcing Windows systems into these downgrades, attackers can take advantage of outdated security measures, potentially gaining unauthorized access, escalating privileges, or compromising sensitive data. This attack underscores the importance of maintaining strict update policies and securing downgrade pathways to prevent exploitation. Security professionals advise reinforcing system policies to block unauthorized downgrades and monitoring system logs for unusual activity to detect potential threats early. For more information on this vulnerability and best practices for protection, see the source link: https://lnkd.in/duDMqj9X #CyberSecurity #WindowsSecurity #DowngradeAttack #InfoSec #SystemSecurity #Vulnerability #DataProtection #TechNews #ITSecurity

Latest Fortinet Vulnerability you need to address Today! Here is a list of the vulnerabilities along with their details and comments: CVE-2023-45590: Critical-severity vulnerability impacting FortiClient Linux, with a severity score of 9.4 out of 10.0. This vulnerability could enable remote code execution, allowing an unauthenticated attacker to execute arbitrary code via tricking a FortiClient Linux user into visiting a malicious website. CVE-2023-41677: High-severity vulnerability affecting FortiOS and FortiProxy, where credentials are insufficiently protected against theft in numerous versions of the systems. This flaw may allow an attacker to obtain the administrator cookie in rare and specific conditions, via tricking the administrator into visiting a malicious attacker-controlled website through the SSL-VPN. CVE-2023-45588 and CVE-2024-31492: High-severity vulnerabilities in FortiClientMac, involving a lack of configuration file validation. These vulnerabilities could potentially be exploited to execute arbitrary code or perform other malicious actions. Fortinet has not specified whether any of these vulnerabilities have been exploited in attacks. It is advisable for users of the affected products to apply patches or follow any mitigation guidance provided by Fortinet to protect against potential exploitation. Please read full article and make sure you have patched these in your FortiGate Environment. Here is the full article : https://lnkd.in/g5chFTju

Calling all #cybersecurity aficionados! #SolarWinds has patched up five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution. This includes three that were flagged as critical severity vulnerabilities that could lead to unauthenticated exploitation. SolarWinds patches 5 critical RCE flaws in Access Rights Manager, strengthening cybersecurity defenses against potential unauthenticated exploitation. The Nitty-Gritty of the #Vulnerabilities The three critical flaws were identified as CVE-2024-23476, CVE-2024-23479, and CVE-2023-40057. The former two are attributed to path traversal weaknesses, whereas the latter was brought about by deserialization of untrusted data. If left unpatched, #unauthenticated #attackers could #exploit these flaws to gain code execution on targeted systems. Furthermore, two other #bugs, CVE-2024-23477 and CVE-2024-23478, were also identified and can be used in RCE attacks. These have been rated by SolarWinds as #highseverity issues. #StaySecuritySavvy https://lnkd.in/eTgZzw7A

🚨 Critical OPA Vulnerability Exposes Windows Credentials 🚨 A recently patched vulnerability in Styra’s Open Policy Agent (OPA) poses a risk for Windows systems, enabling attackers to steal sensitive credentials. The flaw (CVE-2024-8260), uncovered by Tenable, could allow malicious actors to trick OPA into leaking NTLM credentials, potentially compromising millions of systems. Though not easy to exploit, this vulnerability increases in risk when combined with social engineering tactics or other vulnerabilities. If you're using OPA on Windows, it's essential to update to v0.68.0 to mitigate this threat. Organizations deploying OPA in cloud-native environments should be especially cautious, as dynamic inputs could increase exposure. Stay secure—patch immediately. 🔐 #CyberSecurity #Vulnerability #OPA #NTLM #Tenable #Infosec #CloudSecurity #Windows https://lnkd.in/dMBqr6h7

This is important. But it only applies if you stay up to date with the upstream open source projects. There are still a large amount of vulnerable Log4j out there in the wild, the vulnerable version is still downloaded daily. Open Source has security processes, but you only benefit from them if you have a relationship with upstream and follow their release schedule. Get your SBOM in order and start working. #OPENSOURCE #CVE #KEV #EPSS #SBOM