Patch and check your DMZ firewalls! Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)

Tenable wrote a good article. Sadly, they missed that a WebLogic server has no business reaching out to arbitrary servers on the internet, so another good mitigation strategy is to block outgoing traffic from any WebLogic server to the internet. That could be a faster mitigation than negotiating an out-of-cycle patch window with business owners. Of course, the patch should still be applied later.

Skybox detects network devices' vulnerabilities without scanning

In our experience, the roll-out of the Skybox Security Firewall Assurance and Network Assurance modules greatly improves not only visibility of the network design and compliance with security policies, but also the management of risks associated with unpatched network devices. As it is not uncommon for organisations to run unpatched network devices and firewalls, the focus of operations security managers should be on offloading vulnerability management of network devices to their owners - the managers of network teams.

Microsoft Patch Tuesday March 2019

As expected, and appreciated, Microsoft has released patches for their products (plus Adobe’s). The full list can be a bit daunting: looking at the Security Update portal, there are 1455 items in the patch table: https://portal.msrc.microsoft.com/en-us/security-guidance

All our clients subscribed to vulnerability management - Advanced SOC - services should receive notification of the applicability of these in their environments. For the rest, I want to highlight the most critical patches and actions needed.
