Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-34918 PUBLISHED: 2022-07-04
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an u...
CVE-2022-34829 PUBLISHED: 2022-07-04
Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service (application restart) via a crafted payload to the Mobile App Deployment API.
CVE-2022-31600 PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and informat...
CVE-2022-31601 PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
CVE-2022-31602 PUBLISHED: 2022-07-04
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.
User Rank: Ninja
12/8/2014 | 11:40:03 AM
DDoS attacks and overt port scanning are still tools used by malicious actors today. This stuff isn't gone, folks... it just doesn't catch the headlines that it used to. Heck, these activities happen so often that such events have become analogous to people who exceed the speed limit when driving.
Newer methods like MITM and watering hole attacks are making boundary defenses seem out of date, but these methods are just different in nature and do not preclude the need for boundary defenses. In some situations, boundary defenses can still assist in mitigation of newer external risks.
What has changed is the defense-in-depth mindset that the industry is beginning to embrace. Back in the day, internal (within the boundary defenses) protections were usually relegated to AV and Spam protection mechanisms.
Current security programs will have DLP strategies, DAR protections, whitelisting practices, and SIEM implementations. New "next-gen" malicious activity solutions are also coming to the fore as security product vendors find new ways to monitor the secure operations of "all the things".
The idea of a "fence around the things" is not dead; it is just part of a much deeper and more complex security puzzle that will (hopefully) make malicious actors work harder for more limited success.
Of course, the greatest weakness of any security program is people.
How people use systems and data will likely be the endless frontier of risk management.