Category Archives: WatchGuard Security Center

Security Advisories: WatchGuard Publishes Three New CVEs for Single Sign-On (SSO) – incl. Workaround

WatchGuard today published three new security advisories, including two critical vulnerabilities:

  • WatchGuard Firebox Single Sign-On Client Denial-of-Service (CVE-2024-6594)
  • WatchGuard SSO Agent Telnet Authentication Bypass (CVE-2024-6593)
  • WatchGuard Firebox Single Sign-On Agent Protocol Authorization Bypass (CVE-2024-6592)

For all three CVEs (Common Vulnerabilities and Exposures), WatchGuard has already provided detailed descriptions, including suitable workarounds to protect affected systems.

Flash 0day and MS Patch Day – Daily Security Byte EP. 273

by Corey Nachreiner

The second Tuesday of each month is infamously known as Microsoft Patch Day by IT pros. However, this month Adobe’s security news trumps Microsoft’s. Watch today’s video to learn why you should update Flash before your Microsoft products, but also why you shouldn’t skimp on the Microsoft patches either.

(Episode Runtime: 2:59)
Direct YouTube Link: https://www.youtube.com/watch?v=cPo6vF9vrCU
EPISODE REFERENCES:
• Microsoft June Patch Day summary page – Microsoft
• Adobe Security bulletin summary page – Adobe
• Adobe fixes Flash 0day vulnerability – Adobe
• Good overall summary of Microsoft Patch Day – Ghacks
— Corey Nachreiner, CISSP (@SecAdept)

Locky Botnet Down – Daily Security Byte EP. 272

by Corey Nachreiner

I ended last week’s Daily Bytes on a positive note with news of a big botnet going down. Watch Friday’s video to learn what this means for two popular malware variants.

(Episode Runtime: 2:15)
Direct YouTube Link: https://www.youtube.com/watch?v=34_RZ-jsfmc
EPISODE REFERENCES:
• World’s largest botnet vanishes – Motherboard
• Researcher’s comments on Necurs disappearance – Twitter
• Online Necurs tracker – Malware Tech Blog
— Corey Nachreiner, CISSP (@SecAdept)

Twitter Password Dump – Daily Security Byte EP. 271

by Corey Nachreiner

It feels like there has been an endless flood of social network credential leaks on the underground lately. Well, add yet another to the list. Today’s video talks about criminals selling 32 million cleartext Twitter passwords online. Watch to learn whether or not you should be concerned.

(Episode Runtime: 3:00)
Direct YouTube Link: https://www.youtube.com/watch?v=wH3GWW45kho
EPISODE REFERENCES:
• Leaked source covers the Twitter credential leak – Leaked Source
• Twitter confident the leak isn’t due to a hack – Engadget
• Television news piece on the stolen Twitter credentials – NBS News
• Wired interviews the criminals selling passwords online – Wired
— Corey Nachreiner, CISSP (@SecAdept)

Advanced Lingering Malware – Daily Security Byte EP. 270

by Corey Nachreiner

Microsoft’s Background Intelligent Transfer Service helps Windows and other programs quietly deliver updates in the background, without taxing your network bandwidth. Unfortunately, cyber criminals have also figured out how to exploit it to continually reinstall malware on a cleaned computer. Watch the video below to learn more.

(Episode Runtime: 4:08)
Direct YouTube Link: https://www.youtube.com/watch?v=eSNeCHWNpN4
EPISODE REFERENCES:
• Malware lingers with BITS – SecureWorks
• WatchGuard acquires Hexis for Holistic network security – WatchGuard
— Corey Nachreiner, CISSP (@SecAdept)

Morphing Ransomware Factory – Daily Security Byte EP. 269

by Corey Nachreiner

In past videos, I’ve talked about how malware variants often “morph” to evade signature-based malware detection. Today’s video covers research showing just how often attackers change their ransomware variants. Watch to learn why you need better ways to catch modern malware and ransomware.

(Episode Runtime: 4:08)
Direct YouTube Link: https://www.youtube.com/watch?v=8PFL8kA-Dp8
EPISODE REFERENCES:
• Ransomware morphs every 15 seconds – IBTimes
• Blog post describing the Cerber Malware Factory – Invincea
— Corey Nachreiner, CISSP (@SecAdept)

Wireless 802.11 Car Hack – Daily Security Byte EP. 268

by Corey Nachreiner

Connecting cars to the Internet through GSM cellular networks already proved dangerous, but what if you built a wireless access point into your car? Watch today’s video to learn how car thieves might exploit the latest car hacking research.

(Episode Runtime: 3:44)
Direct YouTube Link: https://www.youtube.com/watch?v=UBSGDeoFykw
EPISODE REFERENCES:
• Researchers hack Mitsubishi Outlander alarm system – Network World
• Pen Test Partners research on the Outlander PHEV wireless system – Pen Test Partners
— Corey Nachreiner, CISSP (@SecAdept)

Mysterious TeamViewer Hacks – Daily Security Byte EP. 267

by Corey Nachreiner

A number of TeamViewer users have reported that attackers have mysteriously gained control of their remote desktop software and used their computers to steal from their PayPal accounts. Has the TeamViewer app been hacked, or are attackers just using stolen credentials to log in? No one knows for sure, but watch today’s video to learn more about this incident and what you should do.

(Episode Runtime: 3:22)
Direct YouTube Link: https://www.youtube.com/watch?v=Nx7xSWjNCEM
EPISODE REFERENCES:
• Attackers leverage TeamViewer to drain PayPal accounts – The Register
• TeamViewer’s official response to the “hacking” incidents – TeamViewer
• Reddit users complaining about TeamViewer hacks – Reddit
— Corey Nachreiner, CISSP (@SecAdept)