New episode "In The Trend of VM" (#10): 8 trending vulnerabilities of November, zero budget VM and who should look for patches. The competition for the best question on the topic of VM continues. 😉🎁
📹 Video on YouTube, LinkedIn
🗞 Post on Habr (rus)
🗒 Digest on the PT website
Content:
🔻 00:29 Spoofing - Windows NTLM (CVE-2024-43451)
🔻 01:16 Elevation of Privilege - Windows Task Scheduler (CVE-2024-49039)
🔻 02:16 Spoofing - Microsoft Exchange (CVE-2024-49040)
🔻 03:03 Elevation of Privilege - needrestart (CVE-2024-48990)
🔻 04:11 Remote Code Execution - FortiManager "FortiJump" (CVE-2024-47575)
🔻 05:19 Authentication Bypass - PAN-OS (CVE-2024-0012)
🔻 06:32 Elevation of Privilege - PAN-OS (CVE-2024-9474)
🔻 07:42 Path Traversal - Zyxel firewall (CVE-2024-11667)
🔻 08:37 Is it possible to Manage Vulnerabilities with no budget?
🔻 09:53 Should a VM specialist specify a patch to install on the host in a Vulnerability Remediation task?
🔻 10:51 Full digest of trending vulnerabilities
🔻 11:18 Backstage
На русском
@avleonovcom #TrendVulns #PositiveTechnologies #SecLab #Microsoft #NTLM #MSHTML #ClearSky #SparkRAT #Windows #AppContainer #TaskScheduler #RomCom #Firefox #Exchange #Kaspersky #needrestart #Ubuntu #Qualys #Fortinet #FortiManager #FortiJump #watchTowrLabs #PANOS #PaloAlto #CISAKEV #Shadowserver #Zyxel #Sekoia #Helldown #VMprocess #Detection #Remediation #VMprocess
📹 Video on YouTube, LinkedIn
🗞 Post on Habr (rus)
🗒 Digest on the PT website
Content:
🔻 00:29 Spoofing - Windows NTLM (CVE-2024-43451)
🔻 01:16 Elevation of Privilege - Windows Task Scheduler (CVE-2024-49039)
🔻 02:16 Spoofing - Microsoft Exchange (CVE-2024-49040)
🔻 03:03 Elevation of Privilege - needrestart (CVE-2024-48990)
🔻 04:11 Remote Code Execution - FortiManager "FortiJump" (CVE-2024-47575)
🔻 05:19 Authentication Bypass - PAN-OS (CVE-2024-0012)
🔻 06:32 Elevation of Privilege - PAN-OS (CVE-2024-9474)
🔻 07:42 Path Traversal - Zyxel firewall (CVE-2024-11667)
🔻 08:37 Is it possible to Manage Vulnerabilities with no budget?
🔻 09:53 Should a VM specialist specify a patch to install on the host in a Vulnerability Remediation task?
🔻 10:51 Full digest of trending vulnerabilities
🔻 11:18 Backstage
На русском
@avleonovcom #TrendVulns #PositiveTechnologies #SecLab #Microsoft #NTLM #MSHTML #ClearSky #SparkRAT #Windows #AppContainer #TaskScheduler #RomCom #Firefox #Exchange #Kaspersky #needrestart #Ubuntu #Qualys #Fortinet #FortiManager #FortiJump #watchTowrLabs #PANOS #PaloAlto #CISAKEV #Shadowserver #Zyxel #Sekoia #Helldown #VMprocess #Detection #Remediation #VMprocess