Today’s VERT Alert addresses Microsoft’s July 2022 Security Updates. VERT is actively working on coverage for these Patch Tuesday vulnerabilities and expects to ship ASPL-1011 on Wednesday, July 13th.
In-The-Wild & Disclosed CVEs
CVE-2022-22047
Microsoft is reporting this month that a single vulnerability in the Windows Client/Server Runtime...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 20, 2022. I’ve also included some comments on these stories.
Over a Dozen Flaws Found in Siemens' Industrial Network...
Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th.
In-The-Wild & Disclosed CVEs
None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However,...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories.
Another nation-state actor exploits Microsoft Follina to...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 30, 2022. I’ve also included some comments on these stories.
Vendor Refuses to Remove Backdoor Account That Can Facilitate...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 16, 2022. I’ve also included some comments on these stories.
Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls...
Today’s VERT Alert addresses Microsoft’s May 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1002 on Wednesday, May 11th.
CVE-2022-26925
In-The-Wild & Disclosed CVEs
Based on Microsoft’s limited documentation, this appears to be a resurgence and/or improved version of PetitPotam. This...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 2, 2022. I’ve also included some comments on these stories.
Microsoft Azure Vulnerability Exposes PostgreSQL Databases to...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 25, 2022. I’ve also included some comments on these stories.
Homeland Security bug bounty program uncovers 122 holes in...
We all know that it is a question of when you will be compromised and not if you will be compromised. It is unavoidable. The goal of CIS Control 17 is to ensure that you are set up for success when that inevitable breach occurs. If an organization is neither equipped nor prepared for that potential data breach, they are not likely to succeeded in...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 18, 2022. I’ve also included some comments on these stories.
CISA Alert on ICS, SCADA Devices Highlights Growing...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 11, 2022. I’ve also included some comments on these stories.
Microsoft's Autopatch feature improves the patch management...
Today’s VERT Alert addresses Microsoft’s April 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-996 on Wednesday, April 13th.
In-The-Wild & Disclosed CVEs
CVE-2022-24521
While not previously publicly disclosed, Microsoft is reporting that they have seen active exploitation of this...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 4, 2022. I’ve also included some comments on these stories.
Borat RAT, a new RAT that performs ransomware and DDoS...
In recent years, cyber espionage has been growing in magnitude and complexity. One of the most common targets is Industrial Control Systems (ICS) within critical infrastructure sectors. With many organizations relying more heavily on ICS networks, there has been an increase in threats and cyberattacks aimed at these systems. Not only do these attacks...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of March 28, 2022. I’ve also included some comments on these stories.
Muhstik Botnet Targeting Redis Servers Using Recently...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of March 21, 2022. I’ve also included some comments on these stories.
Misconfigured Firebase Databases Exposing Data In Mobile...
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of March 14, 2022. I’ve also included some comments on these stories.
Most Orgs Would Take Security Bugs Over Ethical Hacking...
Today’s VERT Alert addresses Microsoft’s March 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-989 on Wednesday, March 9th.
In-The-Wild & Disclosed CVEs
CVE-2022-21990
CVE-2022-21990 describes a code execution vulnerability within Remote Desktop Client. The vulnerability requires that a...