Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
Announcements
- We're hiring! - Visit the Tenable website for more information about open positions.
- Want to ask questions about Nessus, PVS, SecurityCenter, and LCE, and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
- You can find links to subscribe to Tenable's Podcast feed, YouTube Channel, Twitter, and Facebook accounts at http://www.tenable.com/podcast!
PCI Discussion Featuring Jeffrey Man
- Many retailers have been breached. What could PCI do to help prevent this and arm the retailers against this threat?
- One would think that it's in the best interest of the retailers, the consumer, and the credit card companies to prevent this from happening. What can we do to suggest better regulations?
- PCI seems pretty specific to payment card systems, but many breaches involve other systems which do not fall under compliance. Do you see this changing?
Also check out our technical write-up on Trojan.Win32.FSYSNA.fej aka Chewbacca (malware targeting PoS (Point of Sale) systems).
Nessus
General
- Shockwave Player <= 12.0.7.148 Multiple Memory Corruption Vulnerabilities (APSB14-06)
- MS14-011: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)
- MS14-010: Cumulative Security Update for Internet Explorer (2909921)
- MS14-009: Vulnerabilities in .NET Framework Could Allow Privilege Escalation (2916607)
- MS14-008: Vulnerability in Microsoft Forefront Protection for Exchange Could Allow Remote Code Execution (2927022)
- MS14-007: Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)
- MS14-006: Vulnerability in ICMPv6 Could Allow Denial of Service (2904659)
- MS14-005: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036)
- Web Site Client Access Policy File Detection
- Sophos Anti-Virus Engine < 3.50.1 System Objects DoS
- Cisco Secure ACS Portal Interface Session Hijacking
- Oracle Secure Global Desktop Multiple Vulnerabilities
- Oracle Secure Global Desktop Unsupported Release
- Synology DiskStation Manager (DSM) Detection
- Synology DiskStation Manager 4.0-x < 4.0-2259 / 4.1-x / 4.2-x < 4.2-3243 SLICEUPLOAD Function Remote Code Execution
- Synology DiskStation Manager < 4.3-3776 Update 2 Multiple Vulnerabilities
- Synology DiskStation Manager < 4.3-3776 Update 3 info.cgi Multiple Parameters XSS
- Synology DiskStation Manager 4.3-x < 4.3-3810 Update 1 Multiple Vulnerabilities
- Synology DiskStation Manager < 4.3-3810 Update 3 Multiple FileBrowser Component Directory Traversal Vulnerabilities
- Synology DiskStation Manager uistrings.cgi lang Parameter Directory Traversal
- Novell Client 2 Vba32 AntiRootKit DoS
- McAfee VirusScan Enterprise 8.8 < 8.8 Patch 1 DoS
- Microsoft Internet Explorer Version Detection
- IBM SPSS SamplePower 3.0.1 < 3.0.1 IF1 ActiveX Control Remote Code Execution
- Oracle Identity Manager October 2013 CPU
- Artweaver Detection
- Artweaver 3.x < 3.1.5 JPG File Handling Stack-based Buffer Overflow
- WinSCP < 5.1.6 RSA Signature Blob Integer Overflow
- Red Hat JBoss Enterprise Application Platform 6.1.0 Security Update (RHSA-2013-1843)
- Dell KACE K1000 Web Detection
- Dell KACE K1000 < 5.5 Multiple SQL Injection Vulnerabilities
- IrfanView MrSID Plugin < 4.37 Multiple Buffer Overflows
- Adobe Digital Editions 2.0.0 'rmsdk_wrapper.dll' Memory Corruption (APSB13-20)
- Adobe Digital Editions 2.0.1 Memory Corruption (Mac OS X)
- HP B-series SAN Network Advisor Installed (Linux)
- Dell KACE K2000 < 3.3.52857 Multiple Vulnerabilities
- WinSCP < 5.1.7 Multiple Vulnerabilities
- MediaWiki < 1.19.10 / 1.21.4 / 1.22.1 Multiple Vulnerabilities
Passive Vulnerability Scanner
Vulnerability Detection
- FlashCanvas <= 1.5 Reflected Cross-site Scripting Attack
- Mozilla Firefox < 27.0 / 24.3 (ESR version) Multiple Vulnerabilities
- Mozilla Firefox for Android < 27.0 Multiple Vulnerabilities
- Mozilla SeaMonkey < 2.24 Multiple Vulnerabilities
- Mozilla Thunderbird < 24.3 Multiple Vulnerabilities
- Google Chrome < 32.0.1700.102 Multiple Vulnerabilities
- Google Chrome < 32.0.1700.107 Remote Code Execution
- OID parsing
- Adobe AIR <= 3.9.0.1380 Multiple Vulnerabilities (APSB14-02)
- Flash Player (Internet Explorer) <= 11.9.900.170 Multiple Vulnerabilities (APSB14-02)
- Flash Player < 12.0.0.43 Multiple Vulnerabilities (APSB14-02)
- Flash Player <= 11.7.700.260 / 12.0.0.43 (inferred) Remote Code Execution (APSB14-04)
- Flash Player <= 11.7.700.260 / 12.0.0.43 Multiple Vulnerabilities (APSB14-04)
SecurityCenter Apps
Dashboards
Reports
Security News Stories
- Snowden's tools for hacking NSA not exactly high tech
- Evan Schuman: Get ready, IT; here comes the Internet of Things
- Patch Tuesday brings Microsoft fixes and Adobe Shockwave update
Related Articles
Cybersecurity Snapshot: Latest MITRE ATT&CK Update Offers Security Insights on GenAI, Identity, Cloud and CI/CD
April 26, 2024Check out what’s new in Version 15 of the MITRE ATT&CK knowledge base of adversary tactics, techniques and procedures. Plus, learn the latest details about the Change Healthcare breach, including the massive scope of the data exfiltration. In addition, why AI cyberthreats aren’t impacting CISOs’ budgets. And much more!
CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor
April 25, 2024Frequently asked questions about CVE-2024-20353 and CVE-2024-20359, two vulnerabilities associated with “ArcaneDoor,” the espionage-related campaign targeting Cisco Adaptive Security Appliances.
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited
April 23, 2024A zero-day vulnerability in CrushFTP was exploited in the wild against multiple U.S. entities prior to fixed versions becoming available as the vendor recommends customers upgrade as soon as possible.
- PCI
- Podcast