USN-5462-1: Ruby vulnerabilities

Read Time:16 Second

It was discovered that Ruby incorrectly handled certain regular expressions.
An attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS. (2022-28738)

It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2022-28739)

Read More

USN-5461-1: FreeRDP vulnerabilities

Read Time:21 Second

It was discovered that FreeRDP incorrectly handled empty password values. A
remote attacker could use this issue to bypass server authentication. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10.
(CVE-2022-24882)

It was discovered that FreeRDP incorrectly handled server configurations
with an invalid SAM file path. A remote attacker could use this issue to
bypass server authentication. (CVE-2022-24883)

Read More

USN-5460-1: Vim vulnerabilities

Read Time:2 Minute, 5 Second

It was discovered that Vim was incorrectly processing Vim buffers.
An attacker could possibly use this issue to perform illegal memory
access and expose sensitive information. (CVE-2022-0554)

It was discovered that Vim was not properly performing bounds checks
for column numbers when replacing tabs with spaces or spaces with
tabs, which could cause a heap buffer overflow. An attacker could
possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2022-0572)

It was discovered that Vim was not properly performing validation of
data that contained special multi-byte characters, which could cause
an out-of-bounds read. An attacker could possibly use this issue to
cause a denial of service. (CVE-2022-0685)

It was discovered that Vim was incorrectly processing data used to
define indentation in a file, which could cause a heap buffer
overflow. An attacker could possibly use this issue to cause a denial
of service. (CVE-2022-0714)

It was discovered that Vim was incorrectly processing certain regular
expression patterns and strings, which could cause an out-of-bounds
read. An attacker could possibly use this issue to cause a denial of
service. (CVE-2022-0729)

It was discovered that Vim was not properly performing bounds checks
when executing spell suggestion commands, which could cause a heap
buffer overflow. An attacker could possibly use this issue to cause a
denial of service or execute arbitrary code. (CVE-2022-0943)

It was discovered that Vim was incorrectly performing bounds checks
when processing invalid commands with composing characters in Ex
mode, which could cause a buffer overflow. An attacker could possibly
use this issue to cause a denial of service or execute arbitrary
code. (CVE-2022-1616)

It was discovered that Vim was not properly processing latin1 data
when issuing Ex commands, which could cause a heap buffer overflow.
An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. (CVE-2022-1619)

It was discovered that Vim was not properly performing memory
management when dealing with invalid regular expression patterns in
buffers, which could cause a NULL pointer dereference. An attacker
could possibly use this issue to cause a denial of service.
(CVE-2022-1620)

It was discovered that Vim was not properly processing invalid bytes
when performing spell check operations, which could cause a heap
buffer overflow. An attacker could possibly use this issue to cause a
denial of service or execute arbitrary code. (CVE-2022-1621)

Read More

Apple protected App Store users from $1.5 billion fraud last year

Read Time:23 Second

Apple says that it protected many millions of users from being defrauded to the tune of nearly $1.5 billion dollars in the last year, by policing its official App Store.

According to a newly published report by Apple, over 1.6 million risky and untrustworthy apps and app updates were stopped in their tracks due to the company’s fraud prevention analysis.

Read more in my article on the Tripwire State of Security blog.

Read More

Bringing External Attack Surface Management to the Masses with Bit Discovery

Read Time:5 Minute, 9 Second

External Attack Surface Management (EASM) is an essential foundation of cybersecurity best practices. Soon, you’ll be able to take advantage of automated attack surface discovery in Tenable products.

Visibility remains at the heart of cybersecurity today. Full and complete visibility — of assets, data, exposures, privileges, threats — is essential in order to adequately defend against adversaries and cyber criminals. There is a reason why the first two controls in the CIS Controls and the first Framework Core Function in the NIST Cybersecurity Framework call out inventory and identification as critical functions of cybersecurity best practices. It isn’t hyperbole to state that nearly all security controls and best practices hinge on visibility in order to be effective.

This insight isn’t necessarily new to many of our readers. We at Tenable have been discussing the importance of comprehensive visibility for many years, since effective vulnerability management is also highly dependent on it. Yet, full asset visibility remains one of cybersecurity’s most elusive goals and organizations’ Achilles’ heel. Consider these recent examples:

Log4Shell vulnerability. The inability to discover or detect log4j libraries has dramatically slowed remediation efforts since Java files can be deeply embedded inside applications and source code.
Open Kubernetes clusters. Researchers recently discovered more than 240,000 Kubernetes clusters were publicly exposed to the public internet with open kubelet ports that could be easily exploited by threat actors. 
Equifax breach. According to a U.S. Federal Trade Commission report, Equifax was not able to discover vulnerable versions of Apache Struts because the company did not maintain an accurate inventory of public-facing applications.
Las Vegas Sands casino breach. Nation-state actors attacked a previously unknown web subdomain and test server to establish a beachhead to launch destructive malware that erased corporate data and halted operations. 

The reality is that gaining comprehensive visibility and discovering all assets across the attack surface is challenging. Many assets are highly dynamic and ephemeral in the era of cloud, which means they can be difficult to detect using traditional scanning. New asset deployments are becoming decentralized with many application and development teams across different business units and subsidiaries spinning up their own cloud workloads and web applications without informing their cybersecurity teams. Mergers and acquisitions create even more challenges as the parent organization often has limited visibility into the acquired company’s external attack surface. And there is tremendous asset sprawl with many assets outliving their initial use and running without ongoing upkeep or lifecycle management. The result is that many organizations can only see a fraction of their digital footprint, leading to significant blind spots and pockets of cyber risk.

Visibility = External Attack Surface Management + Risk-based VM

External Attack Surface Management (EASM) is becoming an essential cybersecurity technology to help organizations discover internet-facing assets and resources, providing an outside-in perspective of probable entry points. EASM solutions scan the internet to create an inventory of internet-accessible assets and then map relationships between those assets and the organizations that own them. When combined with Risk-based Vulnerability Management, EASM dramatically improves visibility for cybersecurity teams so they can begin to assess previously unknown assets for cyber risks. And these aren’t just any old assets — EASM focuses on internet-facing assets that could also be targeted by cybercriminals and be leveraged as an entry point in the attack path.

This is one of the many reasons why Tenable acquired Bit Discovery. We believe every organization needs to have full visibility into their assets, especially internet-facing ones, to fully understand where, exactly, they might be exposed. Bit Discovery has built one of the largest attack surface maps in the world using 500 data sources to identify more than 5 billion assets. Their technology combines IP addresses, hostnames, ports, website URLs, WHOIS records, Autonomous System Numbers (ASN) data, and much more, to discover assets and help security teams establish their complete digital footprint in just a few minutes. And automation allows security teams to not only enumerate known assets, but continuously discover unknown assets every 24 hours. 

However, Bit Discovery goes beyond providing automated external asset discovery. It also provides extensive context and attribution details for each asset with over 150 metadata fields such as CMS type, TLS certificate status, geo-IP physical location, and cloud or CDN provider. This additional context is critical for helping cybersecurity teams determine asset criticality, identify asset ownership and help make more informed decisions based on potential exposure.

Now we can help you know what you own, what’s running — and what shouldn’t be running — to reduce your cyber risk.

Bringing EASM to the masses

As a result of this acquisition, Tenable will be incorporating Bit Discovery capabilities across our product portfolio. Our goal is to ensure all of our 40,000 customers have access to and deploy this technology to dramatically improve visibility and reduce cyber risk. Bit Discovery will help Tenable customers get the context of potential attack paths from external systems to critical assets throughout their organization, providing the most complete measure of their overall exposure.

We’re excited to announce that we’re integrating key Bit Discovery functionality — at no additional cost — into Tenable.io, Tenable.sc and Tenable.ep. Starting in early Q3, customers will have the ability to launch a new attack surface discovery scan that refreshes each quarter to provide visibility into all internet-facing assets owned by an organization.

We have also announced today a new offering, Tenable.asm, that will provide the full breadth of Bit Discovery capabilities, including additional context and attribution information of exposed assets and continuous monitoring of the constantly changing external attack surface. Tenable.asm will be an add-on solution to Tenable.io, Tenable.sc and Tenable.ep, and will be available in early Q3 for purchase. 

Join us at RSA Conference 2022!

If you’re attending RSA Conference 2022, please stop by booth #6245 at the North Expo to learn more about Bit Discovery and our upcoming product integrations. 

Stay tuned for more information in the coming weeks. We’ll be providing additional product details in upcoming Tenable webinars, Tenable Community posts and Tenable Product Education videos.

Read More