Changes

From Security Weekly Wiki
#[http://exploit.kitploit.com/2020/10/nagios-xi-573-remote-command-injection.html Nagios XI 5.7.3 Remote Command Injection]
#[https://www.securityweek.com/stackrox-releases-open-source-tool-finding-kubernetes-misconfigurations StackRox Releases Open Source Tool for Finding Kubernetes Misconfigurations | SecurityWeek.Com]
#[https://www.helpnetsecurity.com/2020/10/29/can-automated-penetration-testing-replace-humans/ Can automated penetration testing replace humans? - Help Net Security] - ''The speed of the test and reporting is many magnitudes faster, and the reports are actually surprisingly readable (after verifying with some QSA’s, they will also pass the various PCI DSS pentesting requirements).'' and ''The second advantage is the entry point. A human pentester may be given a specific entry point into your network, while an automated pentesting tool can run the same pen test multiple times from different entry points to uncover vulnerable vectors within your network and monitor various impact scenarios depending on the entry point.''
#[https://thehackernews.com/2020/10/kashmirblack-botnet-hijacks-thousands.html KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms]
#[https://threatpost.com/oracle-weblogic-server-rce-flaw-attack/160723/ Oracle WebLogic Server RCE Flaw Under Active Attack] - Love this: ''“At this point, we are seeing the scans slow down a bit,” said Ullrich in a Thursday post. “But they have reached ‘saturation’ meaning that all IPv4 addresses have been scanned for this vulnerability. If you find a vulnerable server in your network: Assume it has been compromised.”''