Blog

Blog

VERT Threat Alert: March 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s March 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1097 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in the March Patch Tuesday release. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are gone...
Blog

#TripwireBookClub – Black Hat GraphQL

The most recent book that we’ve read over here is Black Hat GraphQL: Attacking Next Generation APIs written by Dolev Farhi and Nick Aleks . The book is described as being for, “anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing.” As someone who works primarily with REST APIs , I was more interested in the introduction that it offered to...
Blog

Tripwire Patch Priority Index for February 2024

Tripwire's February 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, ConnectWise, and Google. First on the patch priority list are patches for ConnectWise ScreenConnect, Microsoft Exchange Server, Microsoft Windows SmartScreen, and Microsoft Windows Internet Shortcut files. These CVEs (CVE-2024-1709, CVE-2024-21410, CVE-2024-21351, CVE-2024-21412) have been...
Blog

VERT Threat Alert: February 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1093 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-21351 This CVE describes a bypass in the Windows SmartScreen Security Feature. At this point, these bypasses have become relatively common and are frequently...
Blog

3 Tips for Enterprise Patch Management

With all the technology we have today, installing software updates has become a near-daily, full-time activity. Patch management for large-scale enterprise IT systems can be one of the most stressful parts of an IT professional’s job. In today’s large and evolving IT networks where many new services are going online every day and software components are flying straight from the supply chain to the...
Blog

Tripwire Patch Priority Index for January 2024

Tripwire's January 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Apple, Google, and Atlassian. First on the patch priority list are patches for Apple, Google Chromium V8, and Atlassian Confluence Data Center and Server. These CVEs have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog. For Apple, note that CVE-2024-02322 impacts Apple iOS...
Blog

Critical flaw found in WordPress plugin used on over 300,000 websites

A WordPress plugin used on over 300,000 websites has been found to contain vulnerabilities that could allow hackers to seize control. Security researchers Ulyses Saicha and Sean Murphy found two critical flaws in the POST SMTP Mailer plugin. The first flaw made it possible for attackers to reset the plugin's authentication API key and view sensitive logs (including password reset emails) on the...
Blog

VERT Threat Alert: January 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1088 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in the January Patch Tuesday drop. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are...
Blog

Tripwire Patch Priority Index for December 2023

Tripwire's December 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google. First on the patch priority are patches for Google Chrome and Microsoft Edge (Chromium-based) that resolve elevation of privilege, remote code execution, and information disclosure vulnerabilities. Please note that CVE-2023-7024 for Chrome is on the CISA Known Exploited...
Blog

How to Reduce Your Attack Surface

What is an Attack Surface? An attack surface is the total number of channels, pathways, or areas that threat actors can utilize to gain unauthorized access to networks. The result is that they can obtain private information or carry out a cyber-attack. An attack surface comprises the organizational assets a threat actor can exploit to gain unauthorized access. Attack surfaces include systems that...
Blog

The History of Patch Tuesday: Looking back at the first 20 years

One of the most critical aspects of cybersecurity is ensuring that all software is kept up to date with the latest patches. This is necessary to cover any vulnerabilities that cybercriminals could take advantage of in order to infiltrate an organization and launch an attack. With the volume of updates and the effort needed to install and configure them, it is good to know precisely when patches...
Blog

VERT Threat Alert: December 2023 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s December 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1086 on Wednesday, December 13th. In-The-Wild & Disclosed CVEs CVE-2023-20588 AMD has released AMD-SB-7007 – Speculative Leaks Security Notice , which describes how some AMD processors can potentially return speculative data after a...
Blog

Tripwire Patch Priority Index for November 2023

Tripwire's November 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority are patches for Microsoft Edge (Chromium-based) that resolve elevation of privilege, remote code execution, and spoofing vulnerabilities. Next on the patch priority list this month are patches for Microsoft Office and Excel that resolve 3 remote code execution...
Blog

Guarding the Grid: Navigating the Current and Future Landscape of Utility Cybersecurity

Tripwire recently held its annual Energy and NERC Compliance Working Group. This year's attendees included more than 200 Tripwire customer utility personnel representing over 80 different registered entities from all across the US and Canada. The company sizes ranged from public utility districts and city municipalities to medium and larger-sized investor-owned utilities, including many of the...
Blog

VERT Threat Alert: November 2023 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s November 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1082 on Wednesday, November 15th. In-The-Wild & Disclosed CVEs CVE-2023-36033 A vulnerability in the Microsoft Desktop Window Manager (DWM) could allow an attacker to gain SYSTEM level privileges. This vulnerability has been publicly...
Blog

CherryBlos, the malware that steals cryptocurrency via your photos - what you need to know

What's the deal with CherryBlos? CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos. Wait. I've heard of hackers stealing photos before, but what do you mean by malware stealing cryptocurrency via my photos? How does it do that? Well, imagine you have sensitive information - such as details related to...
Blog

Tripwire Patch Priority Index for October 2023

Tripwire's October 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority is a patch for Microsoft Edge (Chromium-based) that resolves a type confusion vulnerability. Next on the patch priority list this month are patches for Microsoft Office that resolve 3 elevation of privilege vulnerabilities. Next are patches that affect components...
Blog

Container Security Essentials: Vulnerability Scanning and Change Detection Explained

Containers offer a streamlined application deployment and management approach. Thanks to their efficiency and portability, platforms like Docker and Kubernetes have become household names in the tech industry. However, a misconception lurks in the shadows as containers gain popularity - the belief that active vulnerability scanning becomes redundant once containers are implemented. This blog will...
Blog

A Scary Story of Group Policy Gone Wrong: Accidental Misconfigurations

In the world of cybersecurity, insider threats remain a potent and often underestimated danger. These threats can emanate not only from malicious actors within an organization but also from well-intentioned employees who inadvertently compromise security with a mis-click or other unwitting action. Having spent many years in system administrator-type roles, I'm actually surprised at how easy it...
Blog

VERT Threat Alert: October 2023 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2023 Security Updates , which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1077 on Wednesday, October 11th. In-The-Wild & Disclosed CVEs CVE-2023-41763 While this vulnerability is labeled as a Skype for Business Elevation of Privilege Vulnerability, the...