Vulnerabilities

6K

Solutions

8K

Contributors

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.


Q1:
Does JDK 1.6, JRE 6 & J2EE 1.6 have the same End of Support date (i.e. beyond
which there's no further patch/support from Oracle)?

Q2:
I'm looking at JDK 1.8, JRE 8, J2EE 1.8 : what's their End of support date

Q3:
& do they (the 3 items above) simply have a common EoL/EoSL date as Java 8?    

Q4:
So the products that are bundled with above Java items (eg: Weblogic & JBoss)
will have their EoL/EoSL the same as  the versions of bundled Java or usually
they're different & we can update/upgrade the Java components separately?
0

Hi All,

We are looking at a way to control and monitor our internet usage. What we require is a way to block certain sites, such as porn, but also to notify when other site categories are accessed. We use a WatchGuard firewall with web blocker which is applied to a http proxy. We can setup a https proxy and apply the web blocker, however this will require a certificate to be installed at the client to work. No real biggie for our domain users. However we have a number of third party users that bring their own devices at a different physical location, that it will be very difficult to install the certificate / manage these devices as there is a high turnover of people / devices.

What is the best way to manage this? If via the firewall, how best to manage the third party devices/ certificate install. Internet proxy? if so any recommendations? For the third party devices, the access point is Meraki, can the above be achieved via the AP?

Thanks for your help
Paul
0
Hi experts. I have a customer that got an encryption virus and we are dealing with it. I am looking for any kind of way to set up the network so we don't get those, even if the client did click on the bad email. We have taught most of our users to forward it to us if it looks suspicious. Always check the from address and that will tell you more. But they still clicked on it and invited it in. We have 2 servers and about 25 workstations. Have a WatchGuard firewall and Bitdefender on all the machines.
Any guidelines would be appreciated.
0
I keep receiving these type of alerts within our Cisco AMP for endpoint protection software and need to know if these alert need to be whitelisted or not.  

Please see below:

Alert #1
Detection:  PUA.Win.Trojan.Generic::95.sbx.tg
Filename:  Microstub.exe

Alert #2
Detection:  Gen:Variant.Ulise.25092
Filename:  Dell Printer Hub.exe

Most of the time, the AMP quarantine takes over, but at times, quarantine fails or is not seen.  


Also, is there somewhere I can go and get some CBT's for Cisco AMP for endpoint protection?  Or how to search/resolve for these types of alerts?
0
We have implemented the Spectre/Meltdown registry fixes on our virtual machines and live migration stopped working.

We subsequently added the registry keys to the hosts as well and it's still not working.


Warning: live migration will fail between hosts with the updated firmware and hosts without the updated firmware. For more details, see the FAQ at the bottom of this document.

Does anyone know what errors are generated when the live migration fails, so we can compare them to our event IDs and errors?
0
I was asked to write a business (IT security) policy which basically states that whenever there is a vulnerability on a business owned device, the IT department has the authority to ask and collect the hardware for IT security purposes.  I've never written such a policy and wanted to know the format and possibly an example of such a policy.  I just don't know where to start since my company is fairly new.
0
I'm looking for someone to help setup a new watchguard T15 and a BOVPN to an existing XTM25.  I know enough to be dangerous (maybe even that much).

I'd envision to have the person on the phone / remoted into my PC which would be on the LAN side of the T15 and I'd have team viewer connection to a PC on the LAN side of the XTM25 to set up the vpn (you are probably saying there's better ways to do the setup, but that's an indication of what I do and don't know).
0
Does anyone know how viruses such as Hermes 2.1 infect machines on a local network? If a user executes it on their machine, does the virus then try and copy itself to other machines on the network, or does it try and encrypt the drives remotely?
0
Question from a Qualys report QID is 119518
0
I need to alert both sysadmins and application admins by reports SEPARATELY using Nessus Pro. How can I scan for OSs exclusively, and applications exclusively?
And how do I scan Windows exclusively? And Linux?
0

http://www-01.ibm.com/support/docview.wss?uid=swg22005400

Security Bulletin: IBM MQ and IBM MQ Appliance MQOPEN call might succeed when it should have failed. (CVE-2017-1341 )


What does "IBM MQ and IBM MQ Appliance MQOPEN call" mean?
Does it mean client side or server side?
0
0
Q1:
Was told by the CyberArk vendor that the Windows server/VM hosting CyberArk's Vault
should not be hardened, i.e. leave it as vanilla: during installation, CyberArk will auto-harden
it. Is this the recommended practice?

Q2:
Can you share what hardenings CyberArk does on the Vault (i.e. the CyberArk
DB) server?

Q3:
For the server running CyberArk's PVWA & CPM, was told a few hardened-off services
must be unhardened for PVWA/CPM to work: can you share what these are?
0
I need to do an Enterprise Architecture maturity assessment using TOGAF framework. Can anyone who has done something similar give me guidance on best way to approach this.
Over all approach
Red flag points
Action points

Thank you for your help.

J
0
I need to use Nexpose for scanning and we have a base license.  I sent a couple of emails to the company for assistance, but no response since last week.  Anyone familiar with this product that can assist?  I'm trying to scan our DMZ network for potential issues.

This will be an internal scan of the DMZ.
0
I have a user who is using the Watchguard VPN client software. They have been using it on Windows 10 Pro (v 1709) for 6 months without issue. The UAC prompt suddenly started appearing this morning when they try to run the software. No updates for Windows or the software have been installed. I have 60 other users that are using it without this problem also. I am at a loss as to why this would suddenly start needing elevated privileges to run. Does anyone know why this would happen or how to fix it? I am not going to disable user account control or give them admin rights.
0
Laptop was stolen from Starbucks.  Is there a way to track the whereabouts of the laptop?  It's not an apple machine.
0
I had this question after viewing Watchguard Firewall xFlow Configuration.
0
Have a client workstation that suddenly gives a '7-zip access denied' error on any executable, but 7-zip is not installed (that I can find). Malwarebytes scans clean and Vipre Internet Security scans clean. Administrator/user permissions make no difference.
0

Good Afternoon,

We had a security audit of our entire network and were provided with a report of all potential vulnerabilities.
Working through these, we came across a list of users with the "allowed to be delegated to a service" vulnerability.

I've had a good search on Google and ran the below PowerShell commands, but I cannot seem to find anything regarding "These administrative accounts are allowed to be delegated to a service" on the user accounts, and nothing is being returned from the PowerShell commands.

Get-ADUser -LdapFilter "(userAccountControl:1.2.840.113556.1.4.803:=524288)" | %{$_.DistinguishedName}


Get-aduser -ldapfilter "(&(userAccountControl:1.2.840.113556.1.4.803:=16777216)(msDS-AllowedToDelegateTo=*))" | %{$_.DistinguishedName}


Get-aduser -LdapFilter "(&(!(|(userAccountControl:1.2.840.113556.1.4.803:=524288)(userAccountControl:1.2.840.113556.1.4.803:=16777216)))(msDS-AllowedToDelegateTo=*))" | %{$_.DistinguishedName}


Get-aduser -LdapFilter "(&(userAccountControl:1.2.840.113556.1.4.803:=16777216)(!(msDS-AllowedToDelegateTo=*)))" | %{$_.DistinguishedName}



Does anyone know what "These administrative accounts are allowed to be delegated to a service" is?
And why is this set when the accounts aren't even administrators?

Many thanks!
0
Customer has a watchguard T10 firebox firewall for a pos system.  The POS server connects directly to the trusted network port. no other computers connect to that network.  

Customer wants to setup an access point for wifi.  The watchguard has a 3rd port.  I want to activate it as a second network and allow wireless devices to access the internet.  

The watchguard firewall does not have built in wifi.  We purchased an access point that we plan to connect to the 3rd port.

This is a restaurant, there are no office pc's or network printers.

Need suggestions on policies; the device has content filter subscriptions. I want to enforce them on the 3rd port too if possible.
0
I installed AIX 7.1; there is no application installed. I upgraded Java 5 to 7.
When I run a Nessus scan I am getting an SSLv2 and SSLv3 detection vulnerability.
0
We have a Linux server and after it was scanned for any security vulnerabilities, we got one about "SSH Weak Algorithms Supported".  I tried to make a change to the ssh_config file under /etc/ssh/ to remove the support for any "arcfour" algorithm, but after another scan, it is still showing that this vulnerability exists.  Can anyone tell me exactly what I need to change?  This is my line in the ssh_config file:

 Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc

Thanks in advance!
- Christian
0
We have a WatchGuard M200 firewall on which we would like to limit inbound/outbound bandwidth to 20Mbps on our External (WAN) interface. Our ISP allows for 40Mbps total bandwidth. I've gone into Traffic Management and changed the interface to limit bandwidth to 20Mbps, but this only seems to apply to upstream outbound traffic. Inbound traffic is still coming in at the full 40Mbps. Is it possible to also limit inbound traffic to 20Mbps?

Thank you
0
