On this episode, we talk about February’s Patch Tuesday, the release of a PoC for CVE-2020-0618, and exploitation of a vulnerability in the ThemeGrill Demo Importer plugin for WordPress. We also speak with Ryan Hoy about the Vulnerability Intelligence Feeds and the work his team does developing and improved the plugin automation framework.
Catch Tenable Researchers presenting at BSides Tampa on February 29.
Recent SRT blog posts:
https://www.tenable.com/blog/cve-2020-0618-proof-of-concept-for-microsoft-sql-server-reporting-services-vulnerability-0
https://www.tenable.com/blog/themegrill-demo-importer-vulnerability-actively-exploited-in-the-wild
https://www.tenable.com/blog/microsoft-s-february-2020-patch-tuesday-addresses-99-cves-including-internet-explorer-zero-day
https://www.tenable.com/blog/cdpwn-cisco-discovery-protocol-vulnerabilities-disclosed-by-researchers
Primary Research
https://www.tenable.com/blog/cryptocurrency-scams-fake-giveaways-impersonate-followers-of-political-and-other-notable
The Tenable Tech Blog on Medium
https://medium.com/tenable-techblog/bypass-windows-10-user-group-policy-and-more-with-this-one-weird-trick-552d4bc5cc1b?source=collection_home---4------0-----------------------
https://medium.com/tenable-techblog/exploiting-jira-for-host-discovery-43be3cddf023
Follow the Security Response Team on the Tenable Community https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts
Information
- Show
- PublishedFebruary 21, 2020 at 9:00 PM UTC
- Length19 min
- Episode1
- RatingClean