exploits & vulnerabilities

MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639

Posted on April 4, 2022April 5, 2022 by Admin

MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639 We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation. By: Mickey Jin April 04, 2022 Read time: ( words) We discovered a vulnerability in suhelperd, a helper daemon process for Software Update in macOS. A class inside suhelperd, SUHelper, provides an essential system service through the inter-process communication (IPC)…

An In-Depth Look at ICS Vulnerabilities Part 1

Posted on March 30, 2022March 30, 2022 by Admin

In 2021, there were significant changes in the methods used by cyber attackers. More advanced destructive supply chain attacks also came to the surface this year. This has created an anxious environment, driving developments in cyber defense and the discovery of ICS-related CVEs. 2021’s timeline overview of major OT and ICS cyber incidents shows that modern criminal operations have become so developed that a service industry has emerged with a common business model – Ransomware-as-a-Service…

Will Russian Oil Ban Spur Increased Cyber-Attacks

Posted on March 9, 2022March 10, 2022 by Admin

On March 8, President Biden signed an Executive Order to ban the sale of Russian oil, liquefied natural gas and coal to the United States. With bipartisan support, the decision was made to deprive the Putin regime of the economic resources needed to wage war in Ukraine. However, marking as it does an escalation in punitive actions directed at the Russian state, it may also put US companies more directly in the firing line of…

This Week in Security News – February 25, 2022

Posted on February 25, 2022February 25, 2022 by Admin

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how to protect your organization from cyberattacks targeting open-source servers. Also, read about the most recent cyberattack warnings following Biden’s sanctions on Russia. Read on:  Recent Cyberattacks Increasingly Target Open-source Web Servers As organizations reeled from the Log4Shell vulnerability (CVE-2021-44228), cyberattacks aiming at open-source web servers, like…

Global Cyberattacks: How to Manage Risk in Times of Chaos

Posted on February 24, 2022February 25, 2022 by Admin

Global Cyberattacks: How to Manage Risk in Times of Chaos Cyber Threats As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices are presented to manage your cyber risk. By: Trend Micro February 24, 2022 Read time: ( words) While it seems almost cliché now, we are living in unprecedented times. The global pandemic has forced organizations everywhere to deal not only with health and supply-chain challenges, but…

Recent Cyberattacks Increasingly Target Open-source Web Servers

Posted on February 22, 2022February 23, 2022 by Admin

Source: Apache HTTP Server Project Weaponized vulnerabilities lead to great risk Not only has the number of total Apache HTTP Server vulnerabilities gone up, but so has the number of weaponized vulnerabilities. Trend Micro detected that at least 15 of the 57 vulnerabilities found in the past five years were weaponized and used in malicious activities. The most common types of attack include denial of service (DoS), path traversal, server-side request forgery (SSRF), and remote…

Ukraine Cyberattack 2022: Geopolitical Cybersecurity

Posted on February 18, 2022February 19, 2022 by Admin

Europe is on a knife-edge. With over 130,000 Russian troops amassed on the Ukrainian border, the region is witnessing the biggest build-up of firepower since the cold war. Inevitably, there is also cyber-dimension to this conflict. Mounting attacks on Ukrainian websites and I.T. infrastructure are making policymakers in Washington and elsewhere nervous should tensions rise further. All of this comes amidst unprecedented US-Russian cooperation to crack down on organized cybercrime. However, CISOs should be clear:…

Security Automation with Vision One & Palo Alto

Posted on February 14, 2022February 15, 2022 by Admin

Security Automation with Vision One & Palo Alto APT & Targeted Attacks Trend Micro Vision One™ integrates with Palo Alto Networks Cortex™ XSOAR to drive automated response to incidents uncovered by Vision One. By: Trend Micro February 14, 2022 Read time: ( words) Trend Micro Vision One™ is at the core of our unified cybersecurity platform, delivering powerful, industry-leading extended detection and response (XDR), centralized visibility and risk insights. Vision One integrates with Palo Alto…

This Week in Security News – February 11, 2022

Posted on February 11, 2022February 11, 2022 by Admin

Read on:  Hidden Scams in Malicious Scans: How to Use QR Codes Safely The practical approach to life after COVID-19 is for people to learn to live with it and do what they can to manage it. One of the things that is likely to remain for the foreseeable future is the need for cashless and no-contact transactions. Many businesses have responded to this need through the use of quick response (QR) codes, however threats…

Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™

Posted on February 11, 2022February 11, 2022 by Admin

Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™ Exploits & Vulnerabilities This blog discusses how CVE-2021-4034 can be detected and blocked using Trend Micro™ Vision One™ and Trend Micro Cloud One™. By: Sunil Bharti, Nitesh Surana February 11, 2022 Read time: ( words) PolKit, or PolicyKit, is a component that handles system-wide policies and authorizations in Unix and Unix-like operating systems (OS), allowing non-privileged processes to communicate with privileged ones. PolKit’s pkexec…

« 1 … 4 5 6 7 8 9 »

MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639

An In-Depth Look at ICS Vulnerabilities Part 1

Will Russian Oil Ban Spur Increased Cyber-Attacks

Recent Cyberattacks Increasingly Target Open-source Web Servers

Security Automation with Vision One & Palo Alto

Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)