Vulnerability Management and more

2021-07-31 02:18:03 Debugging this error made me crazy, and the reason was so stupid that I even decided to make a separate video about it. Please show it to the guys at Tenable because it certainly shouldn't be the end user's problem.

Video:


Blog post: https://avleonov.com/2021/07/31/how-to-fix-nessus-failed-to-load-the-ssh-private-key-error/ Open / Comment

2021-07-31 00:00:20 Have a great weekend guys! I know this is an old joke, but it's brilliant. The best representation of the true Russian way of providing service. Not just taxi driving. #недури

Open / Comment

2021-07-26 19:51:44 Hello everyone! After 4 episodes of the Last Week’s Security news, I decided to change the format. I will no longer try to cover all the important news, because it takes a long time to prepare such reviews. So, from now on, I will focus only on a few news of the past week, which I subjectively consider the most interesting.

So, the last week, July 19 – July 25. In my opinion, the most interesting news was the scandal related to the iPhone Pegasus spyware and two Elevations of Privileges: SeriousSAM for Windows and Sequoia for Linux.

Video:


Text: https://avleonov.com/2021/07/26/last-weeks-security-news-pegasus-serioussam-sequoia/ Open / Comment

2021-07-25 15:52:21 Hello everyone! I decided to share my thoughts on the latest Gartner vulnerability assessment report. Not so bad text after all, but it could be better.
Video:


Text: https://avleonov.com/2021/07/25/my-thoughts-on-the-2021-gartner-market-guide-for-vulnerability-assessment-what-about-the-quality/

If you don't want to watch the entire video, here is the main idea:

Open / Comment

2021-07-20 23:33:00 Good one #sequoia

"Any unprivileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration".

"Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation. Other Linux distributions are likely vulnerable and probably exploitable".

https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/sequoia-a-local-privilege-escalation-vulnerability-in-linuxs-filesystem-layer-cve-2021-33909 Open / Comment

2021-07-19 19:40:54 Hello guys! The fourth episode of Last Week’s Security news, July 12 – July 18. Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins and more.

Also now I record the sound separately on a good enough microphone, so the sound is better.

Video:


Text: https://avleonov.com/2021/07/19/last-weeks-security-news-exploits-in-forgerock-vsphere-apache-tomcat-new-print-spooler-vuln-kaseya-patch-and-revil-solarwinds-schneider-electric-bulletins/ Open / Comment

2021-07-15 00:10:42 Hello everyone! For the past 9 months, I’ve been doing Microsoft Patch Tuesday reviews quarterly. Now I think it would be better to review the July Patch Tuesday while the topic is still fresh. And that will save us some time in the next Last Week’s Security news episode. So, July Patch Tuesday, 116 vulnerabilities.
Video:


Text: https://avleonov.com/2021/07/15/vulristics-microsoft-patch-tuesday-july-2020-zero-days-eop-in-kernel-and-rce-in-scripting-engine-rces-in-kernel-dns-server-exchange-and-hyper-v/ Open / Comment

2021-07-12 10:14:18 Hello guys! The third episode of Last Week’s Security news, July 5 - July 11. There was a lot of news last week. Most of them was again about PrintNightmare and Kaseya. Also in the episode Morgan Stanley Accellion FTA, Cisco BPA and WSA, Philips Vue PACS, CISA RVAs, Lazarus job offers.
Video:


Text: https://avleonov.com/2021/07/11/last-weeks-security-news-printnightmare-patches-and-metasploit-kaseya-cves-morgan-stanley-accellion-fta-cisco-bpa-and-wsa-philips-vue-pacs-cisa-rvas-lazarus-job-offers/ Open / Comment

2021-07-10 04:38:34 Hello everyone! Let’s now talk about Microsoft Patch Tuesday vulnerabilities for the second quarter of 2021. April, May and June. Not the most exciting topic, I agree. I am surprised that someone is reading or watching this. For me personally, this is a kind of tradition. Plus this is an opportunity to try Vulristics in action and find possible problems. It is also interesting to see what VM vendors considered critical back then and what actually became critical.
Video:


Text: https://avleonov.com/2021/07/10/vulristics-microsoft-patch-tuesdays-q2-2021/ Open / Comment

2021-07-08 12:27:48 New PrintNightmare Patch Can Be Bypassed, Say Researchers
#InfosecurityMagazineNews

"Microsoft has now released a patch for all Windows versions affected by the PrintNightmare zero-day, but researchers have already found a way to bypass the fix in attacks.
As predicted, Microsoft this week pushed an out-of-band patch for CVE-2021-34527, which now has a CVSS "high severity" score of 8.2.
The incomplete initial release on Tuesday was followed up a day later with a version which covered the remaining unpatched products: Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607.
However, within hours of the..."

https://www.infosecurity-magazine.com:443/news/new-printnightmare-patch-bypassed/ Open / Comment