Security News

UPDATE. A proof-of-concept for a critical Windows security vulnerability that allows remote code execution was dropped on GitHub on Tuesday - and while it was taken back down within a few hours, the code was copied and is still out there circulating on the platform. The bug exists in the Windows Print Spooler and has been dubbed "PrintNightmare" by researchers.

CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that it can be exploited to achieve remote code execution and - what's worse - PoC exploits have since been leaked. The Windows Print Spooler is an application / interface / service that interacts with local or networked printers and manages the printing process.

How are you dynamically provisioning access for temporary workers? How are you managing privileged access? The challenges in terms of risky account discovery and clean-up, risk-based access certifications, as well as risk-based authentication has become a critical area for our customers. The next critical customer goal is around detecting and preventing insider threats.

Pling presents itself as a marketplace for creative folk to upload Linux desktop themes and graphics, among other things, in the hope of making a few quid from supporters. It comes in two parts: code needed to run your own bling bazaar, and an Electron-based app users can install to manage their themes from a Pling souk.

Joint Cyber Unit will create more situational awareness and guarantee preparedness to large-scale cybersecurity crises. In the EU, this has taken the form of a new Joint Cyber Unit, situated next to ENISA's offices in Brussels.

VMware has fixed an uber-severe bug in its Carbon Black App Control management server: A server whose job is to lock down critical systems and servers so they don't get changed willy-nilly. Besides the authentication-bypass fix, VMware also published a security advisory for a high-risk bug in VMware Tools, VMware Remote Console for Windows, and VMware App Volumes products.

VMware this week announced the availability of patches for an authentication bypass vulnerability in VMware Carbon Black App Control running on Windows machines. Carbon Black App Control is designed to improve the security of servers and other critical systems by locking them down to prevent unauthorized tampering.

Register for this upcoming webinar to learn how to reduce risk with integrated endpoint-to-cloud security. Currently, security from endpoints to the cloud involves multiple standalone tools that solve specific problems.

VMware has rolled out security updates to resolve a critical flaw affecting Carbon Black App Control that could be exploited to bypass authentication and take control of vulnerable systems. CVE-2021-21998 is the second time VMware is addressing an authentication bypass issue in its Carbon Black endpoint security software.

A critical security bug in Palo Alto Networks' Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in. Found internally by Palo Alto, the bug is an improper-authorization vulnerability that "Enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API," according to the security vendor's Tuesday advisory.