Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x

Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi

I got a spam from Cassi at Exact Data that claimed that Yahoo PPC ads are the next big thing. I didn't click anything, of course.
Having done Google for years, is there any truth in this claim?

Are Scammers sending any semi-plausible tech ads around to click-bait developers?
Is Adsense still the way to go for ads ?

Thanks
0
Q2 2017 - Latest Malware & Internet Attacks
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Hi All,

can you please help me to know more about OS command injection and how to prevent it in asp.net web applications.

Many thanks
0
I have been trying to connect to a Watchguard XTM 330 L2TP vpn using the windows client, keep getting the message that it can't resolve the server name. Using a Windows 2012 Radius server that I can authenticate to from inside the network. DNS is configured on the policy for the watchguard etc. When we use the Watchguard SSLVPN client it works just fine. We use roaming profiles so the SSLVPN client won't work with them. Anyone have any suggestions?
0
Hi All,

I am having a vulnerability issues on my asp.net web application.

a potentially dangerous request.path value was detected from the client (:).

I already have <httpRuntime requestValidateMode="2.0" requestPathInvalidCharacters="" /> on my web config.
0
Hi

I encrypted a USB drive using BitLocker To Go in Windows 10 Pro and when I inserted it into a new machine it prompted for the password. Once I entered it in I noticed a More Options section which allowed me to check Automatically unlock on this PC. I have since realized I don't want this to occur but I don't know how to make it go back to the way it was. I looked in Credential Manager with no luck. Sorry I'm new to BitLocker.
0
Greetings PKI Experts,

I’m in a new position (have been with the company for almost four months).  I have been tasked to remediate various certificate related vulnerabilities at work.  This led me to start looking at our existing PKI structure.  To say that the existing PKI structure is less than ideal is putting it mildly.  Our existing structure is as follows:
•      We have an online root CA that has been installed on a server that is providing various other services to the network.
•      The root CA appears to be issuing certificates to new servers and workstations put on the domain.
•      We had a subordinate CA that was installed on a domain controller.  I believe the actual server with the ADCS installed on it crashed awhile back and the new domain controller (with the same name) never had ADCS installed on it.

Instead of trying to salvage the existing PKI environment, I have decided to setup a new PKI environment.  This is going to be my first production PKI deployment.  I’ve done it a couple of times in a lab environment, but I want to get this right.  The new environment will be setup as follows:
•      The root CA will be an offline root CA.  This will be a Windows Server 2012 R2 Datacenter server.
•      There will be an online subordinate CA.  This will aslo be a Windows Server 2012 R2 Datacenter server.
•      Possibly a web server where the root CA and subordinate CA will publish their CRLs, where the AIA will link to.

Here are some of the questions I have:
1.      Do I need to…
0
I was recently tasked with setting up a VPN for a client of ours for accessing files from home. We are able to successfully login however when we try to map drives or access resources we are unable to. Mapping drives errors as is we are not in that domain. Trying to access the drives through Explorer returns the same. Can anyone assist with this please?
0
1
 
LVL 98

Expert Comment

by:John Hurst
It was the initial Creator Update on my ThinkPad X1 Carbon. As I noted, the issues seem to be fixed in the last 60 days, so here is hoping for good / better with V1709
0
 
LVL 56

Author Comment

by:McKnife
John, this is about MacOS.
0
in TrendMicro's  .dat file, I could issue  
  find/I "malware_name"  AVfile.dat
& it will list if a specific malware is found in it.

McAfee releases csv file (from its portal) the rulesets for various
vulnerabilities which I could search by CVE number.

I wanted to do the same with McAfee AV but from its  amcore.dat
is simply all binaries & won't return anything.  
Is there any method to check what malware/viruses it protects against
in the DAT?

A colleague told me McAfee don't permit its DAT file to be searched
& don't publish full list of malwares (not the new signatures updated)
for each DAT released, true?

Link below mention there's a way but when I login to McAfee portal,
don't see that option anywhere or I navigate wrongly:

https://community.mcafee.com/message/243608#243608

Above link says:
 Try: http://www.mcafee.com/us/mcafee-labs/threat-intelligence.aspx
Select checkbox for 'Malware Name' and enter DNSChanger for the search.
0
Hello all,
I will be migrating a Watchguard XTM505 to a Watchguard M370.  I understand the step by step portion of the policy manager.
My question is that before I import the configuration file from the policy manager to the new M370 do I need to activate the new M370 or do anything else to it?
Thanks,
Kelly W.
0
Industry Leaders: We Want Your Opinion!
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Hi
Im trying to run this application and test or hosts, apps etc.
Im now at the nexpose scan but confused what and where this is configured.
SUggestions.?
metassploit.jpg
0
I'm wondering how practical folks deal with "Penetration Testing" as compared with "Vulnerability Scanning".
I can run a Vulnerability Scan and, let's say, find no vulnerabilities.
But, I'm asked to run a Penetration Test in addition.
With no vulnerabilities to target, what's next?

As I understand it, the notion of a Penetration Test is to actively attempt to get information or deny service or ...., right?
So, if there are no known vulnerabilities, where does one begin to perform a Penetration Test of this sort?
Or, is a clean Vulnerability Scan considered to be "good enough"?

Your experience and thoughts please?  And, for a small organization, what affordable tools would you use?
0
My user cannot connect with Watchguard client or Shrewsoft client.  Switching users to myself I find that I cannot connect with Watchguard client but I can with Shrewsoft.  This is a Windows 7 Pro PC.  My windows 7 PC can use either client.  Why cant this user use the VPN?
0
I am trying to configure my Watchguard firewall [XTM 515 - Fireware 11.9.4] to allow certain machines access to the update site of a software provider. Unfortunately this software vendor does not hold the updates on systems that can be referenced via  fixed ip addresses but rely on referencing their infrastructure via a DNS name.  I don't seem to be able to setup a route using packet filters or proxies. Does anybody know of a way of doing this?
0
Ok further to an earlier post, I don't have the option to move out of IE & Adobe products (namely
Adobe Flash player, Acrobat/Reader,  Shockwave).

So I'll need specific hardenings & settings to make them more secure: attached is a draft I've got
but I'll need more such specific settings for Adobe Flash player, Java applets & Java Runtime
(I got a fair bit of Javascripts) & MS Office hardenings (& management of macros).

Much appreciated if anyone can add in some inputs on hardening/securing of these mobile codes.

Too much are intertwined that I can replace these Adobe products
Mobile-Codes-Deployment-and-Managem.docx
0
Running a Nessus scan produces loads of results. Can anyone recommend a tool for building a coherent report that reasonably easy to use?
0
I have a wireless envorment with:

Server 2012 R2 running the NPS service for RADIUS authentication to the AD
Ubiquiti UniFi APs that are set to forward auth to the RADIUS NPS server

Now I have that setup, and it works, and authenticates the users AD login, and connects to the network just fine, the issue I have, comes after that, when the user is not authenticated through the single sign on through RADIUS for the WatchGuard firewall. I have followed what little information WatchGuard has on this, but most of their information points to MSDN pages, that get me no where.  I understand that the WatchGuard needs to receive accounting packets with information from the NPS server, but it doesn't seem to be getting them, as the firewall still tries to route users to authenticate through the web portal.

Not sure where to go from here in order tell which system to send to what and where, and how.
0
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
1
Hi experts,

This is a very weird thing. I think it is best I TRY to keep it simple, which is hard for me, and if you have questions, I can respond.

I have an eight computer client/domain network. We all use I.E. on Win 7. There are times I.E. has an issue with a certain site, so we have Firefox as well. (something I am considering getting rid of).

Two days ago, I was on my work computer and I was surfing important things with Yahoo (in other words -- good sites I hope). It was fine for an hour or so. I then had to go to Yahoo for a story. It was on it for about 30 seconds, when it instantly switched to the site below.

Firefox.pdf

I am not used to Firefox requesting an upgrade like that and .js scared me a little. So, I simply closed the browser. A minute later, I got one of those popups telling you that a very nice person who monitors all Microsoft computers in the world simultaneously noticed I was infected and offered to help if I called him. Of course, I did not do this.

I ran MBAM and SAS and I have the MBAM endpoint product. I didn't find anything. Yes, I know that once infected, always suspected, but I really don't want to completely reformat this computer.

So, I did what any very intelligent, yet very stupid person would do. I tried to reproduce the problem I ran it once again, and it did the same thing so I closed the web browser. I then tried Chrome and I.E. in a VM on my pc and used Yahoo. Fine. I then used Firefox with Yahoo in the VM…
0
Looking for the Wi-Fi vendor that's right for you?
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Looking for Patch Management Cloud service. I have found a few on the Internet but not sure who is good. Looking to patch OS and 3rd party Apps
0
Our company utilizes Tenable Security Center for our vulnerability scanning, and BMC Client Management for our patching/mitigation.

What we are noticing, is that the 2 systems don't always "speak the same language".

For instance, Tenable might say that there is a vulnerability for Plugin ID 100551, but BMC doesn't look at the missing patch roll-up in the same manner.  Trying to reference CVE numbers and the like, also gets messy.

Is there some method in which we could readily compare missing patches between the 2 dissimilar systems?

Thank you
0
Why WDS says firewall if off when we have Comodo Internet Security Premium 10 (has Firewall)?  Also noticed "App & Browser control" says it's OFF and device may be vulnerable, what can be happening?

Screen image:
WDS message
Note we have windows 10 pro
0
At NY Data Center, and UK and US Offices the IP addresses accessing in and being accessed out.


Objective is to identify suspicious / unauthorized access or data transfer .
0
Hello all,

What are the pros and cons for enabling mixed content?
If we enable that, Does that impact anything.
Are there any vulnerabilities?

Thanks
0
Subject of the week | Considering the recent Equifax breach, what are your top personal security tips?

Use different passwords for different sites! If someone gets a hold of your email/password combination, they'll just try it on every site. So a single breach can turn into a bunch of compromised accounts.
2

Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.