SecPod Blog

Jul28 0

SanerNow 4.6.0.0 comes out with several enhancements to enrich the product usage experience. This maintenance release also includes bug fixes to enhance the performance of the SanerNow platform. Release Summary Patch Management (PM) module improved with new enhancements Upgraded patch management dashboard: Enhanced visibility in the Patch Management (PM) Dashboard to understand risks, patches, and […]

Jul28 0

Are you aware of the worst cyberattack of 2017, the WannaCry ransomware? WannaCry was one of the worst-hit ransomware attacks that surfaced around May 2017, in Asia. The malware spread like wildfire and infected more than 230,000 computers in a day. The WannaCry attack mainly affected the Windows operating system, and more than $4 billion […]

Jul28 2

SecPod Labs: Cisco Read-Only Path Traversal Vulnerability (CVE-2020-3452)

Cisco has released a Security Advisory for the actively exploited worldwide CVE-2020-3452. Cisco Read-Only Path Traversal Vulnerability in the web services interface of Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to perform directory traversal attacks & read sensitive files on the system. Rapid 7 Researchers found […]

Jul22 0

We are excited to announce the launch of our newly designed website – https://www.secpod.com/. At SecPod, we always strive towards making things convenient and user friendly. After months of numerous discussions, brainstorming sessions, multiple changes, and dedicated teamwork, we are glad to release our new website today with a much more attractive look. As […]

Jul20 0

The worldwide web is arguably the best source of information and opportunities currently. On the other hand, there are countless threats looming at every nook and cranny of the web as well. The truth is that everyone is at risk when going online. This includes private individuals, small businesses, and especially large corporations. According to […]

Jul16 0

Microsoft Windows DNS Server Remote Code Execution Vulnerability - SIGRed (CVE-2020-1350)

A critical and wormable 17 years-old vulnerability has been discovered in Microsoft Windows DNS Servers which can allow an attacker to run arbitrary code on the vulnerable system. The vulnerability is identified as CVE-2020-1350 and resides in the way how DNS Server parses incoming query or a response for a forwarded request. This vulnerability has […]

Jul15 0

Microsoft Security Bulletin Summary for July 2020

Microsoft has released July Patch Tuesday security updates, addressing a massive number of 123 vulnerabilities and one advisory in the family of Windows operating systems and related products. Out of these, 18 are classified as Critical and 105 as Important which includes Microsoft Windows, Edge EdgeHTML-based, Chromium-based, ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office […]

Jul13 0

A critical zero-day vulnerability has been found in Zoom – A video conferencing software, for Windows 7 or below. The vulnerability allows an attacker to execute remote code on the victim’s system without triggering any security warning. To successfully exploit this vulnerability, the attacker tricks a victim to perform operations like opening a crafted document. […]

Jul10 0

Palo Alto Network(PAN) has recently fixed a critical vulnerability, related to the PAN-OS operating systems. The operating systems are known to power Palo Alto’s next-generation firewall. The vulnerability is tracked as CVE-2020-2021 with a CVSSv3 base score of 10. PAN-OS is the custom operating system (OS) that Palo Alto Networks (PAN) uses in their next-generation […]

Jul08 0

Citrix announces the release of patches for fixing a set of 11 critical flaws found in three of its networking products: Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. As per the Citrix sources, the vulnerabilities don’t have any trace of active exploitation, and 5 out of the […]