Tripwire‘s November 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Oracle. First on the patch priority list this month are three vulnerabilities in Oracle WebLogic Server that have recently been included within the Metasploit exploit framework. Supported versions of Oracle WebLogic Server that are affected include 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Up next on the patch priority list this month are patches for Microsoft Scripting Engine, Browser, and Microsoft…

A Russian national has been sentenced to five years after being found guilty by a French court of large-scale money laundering, although charges relating to his alleged involvement in ransomware development were dropped. Alexander Vinnik was extradited at the start of 2020 to France from Greece, where he had been since his arrest there in 2017. The US authorities indicted him that year for laundering over $4bn in funds via his Bitcoin exchange, BTC-e. They…

In this blog series, I will be putting the spotlight on useful Ghidra features that you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective while reverse engineering. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively. What is Cursor Text Highlighting? In this post, I will be discussing the Cursor…

Organizations face an ever-evolving threat landscape. With this in mind, it is imperative that organizations keep an up-to-date vulnerability management policy for remediating and controlling security vulnerabilities that may lead to a breach. A good vulnerability management policy should contain the following: An Overview of what the policy is intended to do. The Scope of the policy. Roles and Responsibilities under the organization. Vulnerability Remediation/Risk Mitigation. Overview Taking the time to give a short summary…