Read Time:6 Second
FEDORA-2022-127b6e8a95
Packages in this update:
weechat-3.5-2.fc35
Update description:
Update to new upstream version.
Monthly Archives: May 2022
weechat-3.5-2.fc36
Read Time:6 Second
FEDORA-2022-d165104234
Packages in this update:
weechat-3.5-2.fc36
Update description:
Update to new upstream version.
weechat-3.5-2.fc34
Read Time:6 Second
FEDORA-2022-6e226a21ed
Packages in this update:
weechat-3.5-2.fc34
Update description:
Update to new upstream version.
CVE-2021-32958
Read Time:20 Second
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation.
python-ujson-5.3.0-1.el9
Read Time:25 Second
FEDORA-EPEL-2022-d81bc92178
Packages in this update:
python-ujson-5.3.0-1.el9
Update description:
5.3.0
Added
Test Python 3.11 beta
Changed
Benchmark refactor – argparse CLI
Fixed
Fix segmentation faults when errors occur while handling unserialisable objects
Fix segmentation fault when an exception is raised while converting a dict key to a string
Fix memory leak dumping on non-string dict keys
Fix ref counting on repeated default function calls
Remove redundant wheel dependency from pyproject.toml
CVE-2021-32941
Read Time:13 Second
Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).
CVE-2021-32935
Read Time:11 Second
The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation.
python-ujson-5.3.0-1.fc36
Read Time:24 Second
FEDORA-2022-6f51a267c6
Packages in this update:
python-ujson-5.3.0-1.fc36
Update description:
5.3.0
Added
Test Python 3.11 beta
Changed
Benchmark refactor – argparse CLI
Fixed
Fix segmentation faults when errors occur while handling unserialisable objects
Fix segmentation fault when an exception is raised while converting a dict key to a string
Fix memory leak dumping on non-string dict keys
Fix ref counting on repeated default function calls
Remove redundant wheel dependency from pyproject.toml
USN-5436-1: libXrender vulnerabilities
Read Time:10 Second
Tobias Stoeckmann discovered that libXrender incorrectly handled certain
responses. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
(CVE-2016-7949, CVE-2016-7950)
How To Make Your SOC Identity-Aware and Efficient
Read Time:2 Minute, 7 Second
While an attacker only needs to be right once, security teams must be right every time. That’s why SOC teams must stop ransomware attackers from exploiting AD weaknesses.
Operating in shifts around the clock, Security Operations Center teams strive to prevent, detect and respond to cybersecurity threats and incidents. But in an evolving threat landscape where bad actors relentlessly attack critical assets such as Active Directory, security analysts find that traditional SIEM (Security Information and Event Management) solutions fall short. Consider major ransomware operators such as LockBit 2.0, Conti, and BlackMatter—they all used AD to introduce or propagate malware.
SOC teams rely on SIEM solutions to aggregate and correlate log and other data from assets across an organization’s IT infrastructure, including AD. While the SIEM is a powerful solution to monitor the network infrastructure in general, it was never designed for the specifics of AD security.
Key challenges faced by SOC teams include:
False positives: Analysts in the SOC struggle dealing with the myriad alerts generated by SIEM solutions, and pinpointing the few truly critical events. As a result, SOC teams spend too much time assessing countless false alarms, which impacts their ability to address real threats effectively.
Difficulty preventing backdoor creation: Recent ransomware attacks reveal that hackers increasingly understand they can easily gain unrestricted access to a victim’s AD environment by exploiting misconfigurations and creating backdoors. Combating this threat requires capabilities that go beyond what a SIEM has to offer.
Adding the intelligence piece to SIEM
How can SOC teams gain more visibility into AD so they can better detect threats that fall through the cracks of a traditional SIEM?
An AD-specific solution such as Tenable.ad does not just fill the gaps of a traditional SIEM but actually integrates with SIEMs to improve AD security and increase SOC efficiency, enhancing the organization’s cybersecurity posture. Tenable.ad adds the “AD intelligence” piece to your SIEM, eliminating false positives and zeroing-in on the critical vulnerabilities that must be addressed right away. With Tenable.ad, SOC teams boost their productivity and efficiency, and strengthen the security of their AD environments.
Read our white paper Must-Have #1: Make Your SOC Identity-Aware and you’ll learn:
Why SOC teams struggle to monitor Active Directory and to detect live attacks with generic SIEMs
How SOC teams can fill the gaps of their SIEM using an AD-specific solution
How Tenable.ad acts as a pre-SIEM solution to bolster security defenses and boost SOC efficiency