Authentication, Network and SMB

CVE-2024-8260: SMB Force-Authentication Vulnerability in OPA Could Lead to Credential Leakage

Tenable

OCTOBER 22, 2024

Tenable Research discovered an SMB force-authentication vulnerability in Open Policy Agent (OPA) that is now fixed in the latest release of OPA. This exploration led us to discover an SMB force-authentication vulnerability (CVSSv3 6.1) affecting all existing versions of OPA for Windows at that time.

SMB

SMB Authentication Policies Open Source

It's 2022. Why do you keep using SMB?

Ivanti

MARCH 4, 2022

During the last 25 years, companies have relied on SMB protocol to allow them to collaborate and centralize corporate documents. The history of SMB (and why it's no longer relevant). The initial goal was to provide shared access to files and printers across nodes on a network. The latest iteration, SMB 3.1.1, Windows 10?and?Windows

SMB

SMB LAN Authentication Windows

Maximize Your Vulnerability Scan Value with Authenticated Scanning

Tenable

NOVEMBER 30, 2023

Start doing authenticated scanning. Performing authenticated scans of your environment offers essential benefits and is a practice widely recognized as valuable. The scan configurations we observe in Tenable’s SaaS products are telling: our customers run unauthenticated scans 20 times more than authenticated ones.

Authentication

Authentication Software Review SMB Systems Review

Webinars

Prepare Now: 2025s Must-Know Trends For Product And Data Leaders

From Start to Scale: Driving Growth Through Seamless Payments Implementation

MORE WEBINARS

Leverage Two-Factor Authentication for Maximized Security

Kaseya

OCTOBER 1, 2019

Phishing, social engineering and unsecured networks have made password based authentication insecure for some time. In today’s age where security breaches have become an everyday occurrence, password-only authentication is not sufficient. Increase Security with Two-Factor Authentication. In fact, PCI DSS Requirement 8.1

Authentication

Authentication Systems Review Technical Review Software Review

Palo Alto Networks Recognized in Critical Capabilities Report

Palo Alto Networks

MAY 22, 2023

Highest Scores for Enterprise Edge and Distributed Enterprise Use Cases In December 2022, for the eleventh consecutive time, Palo Alto Networks was named a Leader in the Gartner® Magic Quadrant™ for Network Firewalls. And on May 16th, Gartner published its Critical Capabilities for Network Firewalls report.

Network

Network Report Firewall Data Center

Microsoft’s September 2024 Patch Tuesday Addresses 79 CVEs (CVE-2024-43491)

Tenable

SEPTEMBER 10, 2024

Active Directory Lightweight Directory Services Administrative Tools Internet Explorer 11 Internet Information ServicesWorld Wide Web Services LPD Print Service Microsoft Message Queue (MSMQ) Server Core MSMQ HTTP Support MultiPoint Connector SMB 1.0/CIFS Advanced Services ASP.NET 4.6 This vulnerability was assigned a CVSSv3 score of 7.3

Windows

Windows Azure Authentication SMB

Build RAG-based generative AI applications in AWS using Amazon FSx for NetApp ONTAP with Amazon Bedrock

AWS Machine Learning - AI

SEPTEMBER 17, 2024

We use an Amazon Elastic Compute Cloud (Amazon EC2) Windows server as an SMB/CIFS client to the FSx for ONTAP volume and configure data sharing and ACLs for the SMB shares in the volume. To mount an FSx for ONTAP data volume as a network drive, under This PC , choose (right-click) Network and then choose Map Network drive.

Generative AI

Generative AI AWS Applications Serverless

CISA and NSA Cloud Security Best Practices: Deep Dive

Tenable

OCTOBER 8, 2024

The content in the CSIs underscores the importance of concepts such as least privilege, limiting attack surface area and centralizing logs for auditing purposes, as well as the use of tools like key management services (KMS), multi-factor authentication (MFA), and modern encryption protocols.

Cloud

Cloud Google Cloud Storage Data Center

5 Ways to Protect Scanning Credentials for Windows Hosts

Tenable

MAY 8, 2020

This is the second installment in our three-part series exploring how to use Tenable products to protect credentials used for network assessments. In my last post , I covered general best practices for protecting credentials when performing network assessments. Secure SMB protocols. Enforce SMB signing.

Windows

Windows SMB Authentication Network

Microsoft’s June 2020 Patch Tuesday Addresses 129 CVEs Including Newly Disclosed SMBv3 Vulnerability (CVE-2020-1206)

Tenable

JUNE 9, 2020

This flaw can be exploited on an authenticated server or against an SMB client. An authenticated attacker would need to send a specially crafted packet to exploit this vulnerability against a vulnerable SMB server. CVE-2020-1301 | Windows SMB Remote Code Execution Vulnerability. Tenable solutions.

SMB

SMB Software Review Systems Review Windows

From Bugs to Breaches: 25 Significant CVEs As MITRE CVE Turns 25

Tenable

OCTOBER 22, 2024

Once a compromised USB drive was inserted into a system, Stuxnet was executed automatically via the vulnerability, infecting the host machine, propagating to other systems through network shares and additional USB drives. This flaw, along with several other Flash vulnerabilities, highlighted Flash’s risks, accelerating its eventual phase-out.

Software Review

Software Review Windows Groups Network

MSPs are the Holy Grail for Cybercriminals! Are You Protected?

Kaseya

SEPTEMBER 9, 2019

MSPs hold the keys to the kingdom when it comes to data access and, while a typical day won’t involve leaping from trains to protect it like the fictional professor, they still need to take action to keep themselves and their SMB customers safe. They can also jump from a partner or SMB customer over to you! Island Hopping.

SMB

SMB Training Artificial Inteligence Machine Learning

Cybersecurity Snapshot: Log4j Anniversary, CI/CD Risks, Infostealers, Email Attacks, OT Security

Tenable

DECEMBER 9, 2022

As cybercriminals successfully swipe credentials using infostealer malware, they will often launch “MFA-fatigue” attacks to breach compromised accounts that are protected with multifactor authentication. . Multi-Factor Authentication Request Generation ” (MITRE). 4 - Cybersecurity looms large in SMB software purchases.

Software Review

Software Review SMB Development Team Review Malware

Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs (CVE-2022-34713)

Tenable

AUGUST 9, 2022

Windows Network File System. All three vulnerabilities require authentication and user interaction to exploit — an attacker would need to entice a target to visit a specially crafted Exchange server, likely through phishing. CVE-2022-35804 | SMB Client and Server Remote Code Execution Vulnerability. Windows Digital Media.

SMB

SMB Azure Windows Disaster Recovery

Microsoft’s March 2022 Patch Tuesday Addresses 71 CVEs (CVE-2022-23277, CVE-2022-24508)

Tenable

MARCH 8, 2022

Windows SMB Server. An authenticated user can exploit this vulnerability to execute arbitrary code on an affected server. While an attacker must be authenticated to exploit this vulnerability, Microsoft strongly recommends patching or applying the suggested workarounds as soon as possible. Windows Media. Windows PDEV.

Windows

Windows Authentication SMB .Net

Microsoft’s June 2022 Patch Tuesday Addresses 55 CVEs (CVE-2022-30190)

Tenable

JUNE 14, 2022

Windows Network Address Translation (NAT). Windows Network File System. Windows SMB. CVE-2022-30136 | Windows Network File System Remote Code Execution Vulnerability. CVE-2022-30136 | Windows Network File System Remote Code Execution Vulnerability. Windows Media. Windows PowerShell. The vulnerability received a 9.8

Windows

Windows Azure Internet SMB

Challenges and Checklists While Migrating COTS Application to Cloud

Dzone - DevOps

MARCH 13, 2023

Verify that SaaS offering support required integration with existing interfaces as well as user accessibility (authentication/authorization) and security. File-Based Integration — The existing and target configuration of file share depends on the protocol supported (SMB, NFS, DFS, etc.)

Applications

Applications Cloud Off-The-Shelf SMB

Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)

Tenable

APRIL 12, 2022

Windows Network File System. Windows SMB. EoP flaws like this one are leveraged post-authentication, after an attacker has successfully accessed a vulnerable system, to gain higher permissions. CVE-2022-24491 | Windows Network File System Remote Code Execution Vulnerability. Windows Kerberos. Windows Kernel. Windows RDP.

Windows

Windows Systems Review Software Review SMB

Examining the Treat Landscape

Tenable

OCTOBER 29, 2021

Attackers have a cornucopia of options from which to choose to gain that first step into target networks. Remote Desktop Protocol (RDP) and virtual private network (VPN) solutions are consistently two of the top targets. Specifically, CISA has warned of the TrickBot malware and BlackMatter ransomware abusing SMB.

SMB

SMB Software Review Minimum Viable Product Systems Review

Running the OpenTelemetry Collector in Azure Container Apps

Honeycomb

SEPTEMBER 14, 2022

There are tons of other benefits that come with Container Apps, like built-in Authentication, and SSL termination. For this post, we won’t be using Authentication. We’ll cover securing the infrastructure in VNETs and providing authentication for the frontend app flows later. enabled-protocols SMB. quota 1024.

Azure

Azure Storage SMB Authentication

Running the OpenTelemetry Collector in Azure Container Apps

Honeycomb

SEPTEMBER 14, 2022

There are tons of other benefits that come with Container Apps, like built-in Authentication, and SSL termination. For this post, we won’t be using Authentication. We’ll cover securing the infrastructure in VNETs and providing authentication for the frontend app flows later. enabled-protocols SMB. quota 1024.

Azure

Azure Storage SMB Authentication

Microsoft’s April 2021 Patch Tuesday Addresses 108 CVEs (CVE-2021-28310)

Tenable

APRIL 13, 2021

Windows Network File System. Windows SMB Server. Two of the four flaws, CVE-2021-28480 and CVE-2021-28481, are pre-authentication vulnerabilities, which means they can be exploited by remote, unauthenticated attackers without the need for any user interaction. Windows Installer. Windows Kernel. Windows Media Player. Critical.

Windows

Windows Azure SMB Report

Microsoft’s May 2021 Patch Tuesday Addresses 55 CVEs (CVE-2021-31166)

Tenable

MAY 11, 2021

Windows SMB, Windows SSDP Service. Windows Wireless Networking. An attacker would need to be authenticated in order to exploit these flaws, though successful exploitation would grant an attacker remote code execution through the creation of a SharePoint site. Windows Cryptographic Services. Windows CSC Service. Windows OLE.

Windows

Windows SMB Wireless .Net

CISA Directive 22-01: How Tenable Can Help You Find and Fix Known Exploited Vulnerabilities

Tenable

NOVEMBER 10, 2021

or Tenable.io, for network-based assessments of systems that are hard-wired into your infrastructure. Use Nessus Agents to assess remote users that may not consistently or ever physically plug-in to the corporate network. This means using tools like Nessus Network Monitor , Tenable.ad Use Tenable.ot Use Tenable.ad

Systems Review

Systems Review Software Review Authentication Policies

Microsoft’s July 2021 Patch Tuesday Includes 116 CVEs (CVE-2021-31979, CVE-2021-33771)

Tenable

JULY 13, 2021

Windows SMB. A local, authenticated attacker could exploit these vulnerabilities to run processes with elevated permissions. Based on the scores provided, exploitation of these flaws would require a low privileged account, presumably with the ability to send crafted DNS requests across the network, to target an affected DNS Server.

Windows

Windows Software Review Malware SMB

IT Risk Assessment: Is Your Plan Up to Scratch?

Kaseya

DECEMBER 7, 2021

IT risk assessment refers to the process of identifying and mitigating the risks and threats that can compromise a company’s IT infrastructure, network and database. . Malware and viruses: Cybercriminals use viruses and malware to take over and disrupt computer systems and networks to render them inoperable.

Backup

Backup Disaster Recovery Weak Development Team Systems Review

Atlanta Technology Startup Ecosystem: Venture Capital Providers, Educational Programs and Rising Stars to Learn From

Altexsoft

APRIL 7, 2020

The program also gives access to mentorship, networking events, and workshops. The Institute provides access to incubation and acceleration resources, a wide range of student organizations, networking, speaking events, and competitions. It concentrates on students’ ideas and businesses that bring innovations in any kind.

Technical Review

Technical Review Education Programming Security

50 Best HIPAA-Compliant Cloud Storage Solutions

Datica

SEPTEMBER 11, 2019

Broadly accessible since it supports the SMB protocol. Fully-encrypted Virtual Private Network. Comodo cloud is an open service that is currently being used as an online storage and authentication service globally. For enhanced security, Dropbox offers advanced 256-bit encryption as well as two-factor authentication.

Storage

Storage Cloud Backup Disaster Recovery

CTO Universe

CVE-2024-8260: SMB Force-Authentication Vulnerability in OPA Could Lead to Credential Leakage

It's 2022. Why do you keep using SMB?

Maximize Your Vulnerability Scan Value with Authenticated Scanning

Webinars

Leverage Two-Factor Authentication for Maximized Security

Palo Alto Networks Recognized in Critical Capabilities Report

Microsoft’s September 2024 Patch Tuesday Addresses 79 CVEs (CVE-2024-43491)

Build RAG-based generative AI applications in AWS using Amazon FSx for NetApp ONTAP with Amazon Bedrock

CISA and NSA Cloud Security Best Practices: Deep Dive

5 Ways to Protect Scanning Credentials for Windows Hosts

Microsoft’s June 2020 Patch Tuesday Addresses 129 CVEs Including Newly Disclosed SMBv3 Vulnerability (CVE-2020-1206)

From Bugs to Breaches: 25 Significant CVEs As MITRE CVE Turns 25

MSPs are the Holy Grail for Cybercriminals! Are You Protected?

Cybersecurity Snapshot: Log4j Anniversary, CI/CD Risks, Infostealers, Email Attacks, OT Security

Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs (CVE-2022-34713)

Microsoft’s March 2022 Patch Tuesday Addresses 71 CVEs (CVE-2022-23277, CVE-2022-24508)

Microsoft’s June 2022 Patch Tuesday Addresses 55 CVEs (CVE-2022-30190)

Challenges and Checklists While Migrating COTS Application to Cloud

Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)

Examining the Treat Landscape

Running the OpenTelemetry Collector in Azure Container Apps

Running the OpenTelemetry Collector in Azure Container Apps

Microsoft’s April 2021 Patch Tuesday Addresses 108 CVEs (CVE-2021-28310)

Microsoft’s May 2021 Patch Tuesday Addresses 55 CVEs (CVE-2021-31166)

CISA Directive 22-01: How Tenable Can Help You Find and Fix Known Exploited Vulnerabilities

Microsoft’s July 2021 Patch Tuesday Includes 116 CVEs (CVE-2021-31979, CVE-2021-33771)

IT Risk Assessment: Is Your Plan Up to Scratch?

Atlanta Technology Startup Ecosystem: Venture Capital Providers, Educational Programs and Rising Stars to Learn From

50 Best HIPAA-Compliant Cloud Storage Solutions

Stay Connected