
Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.


I am working on a plan to create a best-practice schedule for patching my environments. I know everyone has a different opinion on this, but I am looking for a positive way to move forward on this topic. I have 3 environments: Test, dev test and Prod. Just looking for a push start; if anyone has gone through this, some example schedules would be appreciated. Thanks
0

I am putting together some phone equipment and servers in a datacenter cabinet.  The datacenter is providing us a redundant router connection using HSRP.  The cabinet has two Ethernet cables: primary, secondary.

We need external routable addresses for each of the two border controllers for the phone system.  They have a WAN port and a LAN port so they can have an external (outside the firewall) connection and also have a local IP address in the same subnet as the servers in the cabinet.

We are trying not to purchase another $2000 Cisco switch for the setup to accept the 2 Ethernet connections.

We have a WatchGuard M370 firewall device with several ports that can be configured in many ways.

We have two layer 2 switches available in the cabinet for use outside and/or inside the firewall. It is a layer 3 device.

I need help in the configuration of this system.

One suggestion was to take the two datacenter network cables and plug them into a standard Layer 2 switch, then patch that switch into an external interface on the firewall. After so many attempts I am trying to remember, but I think the path to the internet was broken when BOTH router cables were plugged into that switch. I am going back to the datacenter tomorrow to try more things, but I wanted to get some input from you guys first. I have the datacenter IP sheet where they provide me the configuration info but didn't want to post live addresses on this site. Basically they gave me a /29 subnet and …
0
One of the Experts here on EE suggested GFI LanGuard. So, we bought it and have had it running for a few months. As I get further into it and want to take advantage of its capabilities, I naturally have questions.

Being a "good customer" I figured to start on the community forum.  But I can't log in and I can't set up a new account.  I have LOTS of email addresses available and can set up new ones.  Yet, no matter which one I enter for a new Registration, it says "already used".  Can't be true of course.

Telephone customer support takes one to a menu that has nothing to do with customer support and, if you politely wait after not responding, it says "Goodbye".

I may be in the market for 3rd party Q&A at least.  Or, what might you suggest?
0
How to remove ransomware samsam or .weapologize extension?
0
WatchGuard mobile VPN stops receiving data whenever I reboot my laptop. It requires me to uninstall and install again to make it work. Can someone please suggest the cause of the issue?
1
I am getting an ongoing Bitdefender Threat Scanner error message.  It says that a file containing error information has been created at Z\\WINDOWS\TEMP\Bitdefender Threat Scanner.dmp.  I have never used Bitdefender, nor is it installed on my computer.  I do not have Spybot, nor have I ever had it on this computer.  I CANNOT get rid of this error message!!  HELP!!!
0
How do we verify the patches effectively mitigate?
0
For some strange reason the patch will not install on any W10 v1607 machine in my entire domain. If I take that same machine, bring it up to v1709 and apply the appropriate Meltdown patch, it installs.
There is a known issue with Bloomberg and v1709, which is why I must remain on 1607.

See screenshot below.
0
Hi guys

Can you help clarify whether Intel has already released any fixes for this problem? If yes, what's the download link?

Thanks so much.
0
Does anyone know if IBM has come out with a statement of impact or remediation for the IBM i platform - in regards to the Spectre/Meltdown vulnerabilities?
0

Hi guys,

I'm unsure about the specific KB hotfix that Microsoft has released to patch the Meltdown & Spectre vulnerabilities.
Does anyone know? Are there different patches for the various operating systems (2008/2012/2016)?

In case someone has already installed them, did you notice a performance degradation? Did you do a baseline before and after the patch installation to verify the performance impact? I'm wondering how to best measure this (I'm referring to servers, i.e. a data center environment).

Also, did you deploy the new registry key too before installing this patch?

Thanks!
0
I would appreciate it if you can point me to links / URLs for patches to download & their availability for
a) MS Windows 2008 R2, 2012 R2, 2016,  7, 10
b) Dell & IBM hardware
c) ESXi Ver 6.1
d) Various Cisco switches & routers (we have 2xxx, 3xxx, 4xxx models)
e) EMC VNC & VMAX
f) Solaris x86 on AMD
g) McAfee AV
h) Bluecoat Proxy
i)  F5 LTM, GTM Ver 11.7.x
0
How can Intel, AMD and ARM escape this Meltdown and Spectre without replacing the chips? Is patching the only solution? Or does even that have some loopholes?
0
Learn how to mitigate the new Intel bugs Meltdown & Spectre.

Join this free #webinar titled "How to mitigate #Meltdown and #Spectre bugs" on Jan 10, 11:00 am EDT to get hands-on experience, clarify your doubts, fix the exploit and get back to your routines.

https://www.manageengine.com/products/desktop-central/meltdown-and-spectre-webinar.html?ee

0
We have a couple of vCenters with ESXi hosts, 5.5 and 5.1. Should we be concerned about all the hype over the Meltdown and Spectre vulnerabilities? I know it has caused havoc in the Microsoft world. What should we be concerned about in the VMware world?
0

Meltdown and Spectre: Battling the bugs in Intel, AMD, and ARM processors


Intel bugs exploiting your sensitive data; AMD and ARM also become victims of this exploit.

Read more: https://blogs.manageengine.com/desktop-mobile/2018/01/05/meltdown-and-spectre-battling-the-bugs-in-intel-amd-and-arm-processors.html

You can mitigate these threats to a certain extent by patching your Windows systems now, after checking for compatible AVs; if updated with incompatible AVs, the system may crash, causing a blue screen error. Update now and secure your sensitive data.

Attend this webinar to mitigate the bugs right away.
0
 
Expert Comment by: John Hurst
Just keep patches up to date and use due care when surfing the web and downloading email.
1
Awesome xkcd re: Meltdown and Spectre: https://xkcd.com/1938/ 
5
 
Expert Comment by: Giridhara Raam
Mitigate @intel bugs,

Join this free #webinar titled "How to mitigate #Meltdown and #Spectre bugs" on Jan 10, 11:00 am EDT to get hands-on experience.

https://www.manageengine.com/products/desktop-central/meltdown-and-spectre-webinar.html?EE

0
 
My Favorites for IE and Bookmarks for Chrome keep replicating/duplicating themselves to the tune of 24,000+. We are on Office 365. I've deleted them both in IE (on my laptop and on the site directly) and Chrome, but they keep coming back. I've even deleted the Chrome bookmark file and started with a clean slate.
0
Hi Experts,

With regard to the recent vulnerabilities with Intel, and I heard that AMDs are affected as well, I am wondering if any action needs to be taken for Windows 7, 8, 10, and Mac?

Thank you
0

Intels Corporation
Spectre and Meltdown, how it affects me and my clients?
2
 
Expert Comment by: dbrunton
That Intel tool is only useful for checking for the Intel Active Management Technology flaw.  That's an old flaw.

This is the Meltdown and Spectre problem which is a new flaw.
0
 
Author Comment by: Jose Gabriel Ortega C
Thank you for the comment, I've updated it.
0
https://bitnami.com/stack/mediawiki/installer

I refer to the above tool that our developer wanted to use. Can you provide comments on
a) is there a site or source that regularly produces/tracks new vulnerabilities for that software
b) are patches being produced regularly: is this considered open source, and is release of patches not contractually required?

If there's no regular patching, what are the precautions we ought to take? E.g. use it on an air-gapped PC without Internet access?
0
My server load averages are going way high and too many processes are being consumed. Is it a DDoS attack or something wrong with the server?
0
Desktop: Windows 8
VPN connection: Forticlient 5.6 or Sonicwall Netextender 8.0 used to connect to office network
Telus internet connection
Browser: Chrome, Firefox
Situation:
1. Telus internet connection works fine.
2. Without VPN connection, Chrome and Firefox access the internet normally.
3. With VPN connection, Chrome works fine, only Firefox is very, very slow.
4. I turned off the Firefox proxy server setting; Firefox works fine for about two days, then is slow again.
5. The computer showed an abnormal login script error message; it seems to have malware in it.

Question:
How to block Firefox from accessing the internet through the VPN connection before I find a way to kill the malware?
0
Given that SSL is no longer considered safe due to the POODLE vulnerability, what email options exist?

https://www.pcicomplianceguide.org/pci-dss-v3-1-and-ssl-what-you-should-do-now/

And does this POODLE vulnerability actually expose someone who sends an email with a secure PDF as an attachment?

Is there a way to securely send an email with a merchant's credit card monthly statement as an attachment? If so, what types of email are considered PCI compliant?

If not, what other options are there for sending a PDF? DropBox?

What are the alternatives?

Thanks.
0
Using Nessus to scan for vulnerabilities.  It is reporting that Visual Studio C++ is not patched, although the KB has been applied.
The following Visual C++ Redistributable Package has not
been patched :

  Product           : Visual C++ 2010 SP1 Redistributable Package
  Installed version : 10.0.40219.1
  Fixed version     : 10.0.40219.325

After further investigation, the machine in question only has the x86 version installed (and the DLLs in SysWOW64 are the correct version) but there is also a set of DLLs in the System32 folder that are the older version. If x86 is installed, does anyone know why there are files in the System32 folder?
0
