Pentera Blog

Hopefully, the PwnKit vulnerability will be the turning point where security teams stop the vulnerability-centric approach that results in patch whack-a-mole and shift toward focusing on evaluating and validating true risk.

Right before you run off to patch patch patch – let’s look at the key things you should be aware of. We’ll specifically relate to Log4Shell but this is relevant for other recently reported critical vulnerabilities.

DHCP may be famous for being an essential Windows networking protocol, but it is also infamous, or at least it should be, for falling victim to cyber attacks and leading adversaries to dangerous achievements.

DHCP is an essential Windows networking protocol, a favorite among network admins. Read about the basics of DHCP allocation and common DHCP Spoofing techniques.

Pentera’s research team ‘Pentera Labs’ discovered a vulnerability in VMware’s vCenter Server program. The affected VMware software is installed in over 500,000 organizations worldwide and is responsible for managing their most critical systems. The findings were proactively reported to VMware and later released under CVE-2021-22015. 

The trope of the burglar comparison in cybersecurity is more than overused. But when we talk about the damage of a break-in, it’s not just picking the lock that’s the problem- we worry about what they’ll steal, what they’ll destroy,  even what they’ll plant (yes, I have an active imagination). What seals the deal on a good heist is always the inside man, the bank clerk, the janitor or even the shareholder with gambling problems. It seems that the ransomware groups are catching up.

Inspecting a vulnerability in silo will not reduce the organization’s true risk as critical context is missing. To outsmart and outmaneuver the sophisticated adversary, shifting from silo approaches – asset management, vulnerability-centric focus, bi-yearly penetration testing, continuous red-teaming, risk-based vulnerability management, and patch management is critical to scale and mature your security program.

If this question is keeping you up at night, you are certainly not alone. The threat is tangibly real and immediate, with ransomware damages projected to top $20 billion by the end of the year (Cybersecurity Ventures, 2021) and the average cost to recover from a ransomware attack estimated at $1.85 million (Varonis 2021). The stakes have reached a critical point and no organization, no matter how big or small, can hope to escape unscathed without addressing the threat head-on. 

There are patches or remediations for all the top vulnerabilities, but they’re still being exploited in the wild. Why is that? Well, if you were the attacker, would you go through all the trouble of inventing a new zero day exploit (just for some street cred), or instead leverage an off-the-shelf one?