rapid response

March 15, 2022

Finding Veeam Backup & Replication instances

Veeam recently published information on two vulnerabilities in the Veeam Backup & Replication product, originally reported by Nikita Petrov of Positive Technologies. Which versions are affected? These vulnerabilities affect Backup & Replication versions 9.5, 10, and …

Read More

March 9, 2022

Finding APC assets vulnerable to TLStorm

Researchers at Armis recently published details on three new vulnerabilities affecting cloud-connected APC Smart-UPS devices manufactured by Schneider Electric. Dubbed “TLStorm”, two of these vulnerabilities exist in the firmware TLS implementation, while the …

Read More

February 28, 2022

Finding GitLab instances

The development team at GitLab issued a new critical security release that patches seven recently-disclosed vulnerabilities in GitLab software. Reported by customers, security researchers, and GitLab team members, these vulnerabilities are located in various components of …

Read More

February 18, 2022

Finding Zabbix instances

Popular monitoring tool Zabbix surfaced in security news this week due to two newly disclosed vulnerabilities. Discovered by researchers at SonarSource, successful exploitation of vulnerable Zabbix Frontend targets could allow authentication bypass, configuration changes, …

Read More

February 15, 2022

Finding Moxa MXview instances

Security researchers with Claroty’s Team82 recently published findings of five discovered vulnerabilities in Moxa’s MXview software. Focused on “industrial network management”, MXview enables management of deployed Operational Technologies (OT) and …

Read More

February 11, 2022

Finding SAP NetWeaver instances vulnerable to ICMAD

A set of recently patched SAP vulnerabilities has been surfaced by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), with their recommendation to patch as soon as possible. Discovered and disclosed by security researchers at Onapsis, these three …

Read More

February 2, 2022

Finding Samba instances with vulnerable vfs_fruit

A new vulnerability has surfaced in Samba, which has the potential to provide unauthenticated remote code execution to attackers. Popular as Windows-compatible file sharing and print services software via the SMB protocol, Samba typically runs under Linux and other …

Read More

January 27, 2022

Finding Linux instances vulnerable to PwnKit

News dropped this week around a memory corruption vulnerability with a broad reach across many Linux distributions, including Ubuntu, Debian, Mint, RHEL, Fedora, CentOS, Oracle, Arch, and SUSE. Having been present-but-unseen for over 12 years now, CVE-2021-4034 (with a …

Read More

January 26, 2022

Finding Control Web Panel (CWP) instances

Rumble Network Discovery is now runZero! Security researcher Paulos Yibelo shared findings this week on two new vulnerabilities within the popular Control Web Panel (formerly CentOS Web Panel) web hosting management software. Both CVE-2021-45466 (a file write vulnerability) …

Read More

January 14, 2022

Ringing in 2022 with vulns, more vulns, and CISA guidance

Rumble Network Discovery is now runZero! Wrapping up 2021 and kicking off 2022, there were no shortages of vulnerabilities, vendor security advisories, patches, and active exploitations. Oh, did we mention, even more vulnerabilities and more patches? To ring in 2022 …

Read More