Author: Andrew Swoboda

What is it? The Tripwire Enterprise Change Audit rules provide customers with the ability to monitor for change events that could have an impact on a system. Monitoring for change events can help administrators identify malicious and/or unexpected changes within their environment. Changes to CA Additional rules were added to the Change Audit rule set. These rules provide customers the ability to monitor for changes to the firewall, Windows Filtering Platform, and Microsoft Store. Firewall Firewalls monitor network traffic and use rules to block or allow traffic. Allowing services that are not...

The Tripwire Vulnerability Exposure and Research Team (VERT) keeps its finger on the cybersecurity pulse. Check out some of the stories that stood out for us recently: Multiple Vulnerabilities in Netgear Routers Netgear RAX30 routers are subject to multiple vulnerabilities. These vulnerabilities could be chained together to achieve an authentication bypass and code execution. It is advised that vulnerable Netgear RAX30 routers are updated to version 1.0.10.94 or later to resolve these vulnerabilities. https://thehackernews.com/2023/05/netgear-routers-flaws-expose-users-to.html Privilege...

The Tripwire Vulnerability Exposure and Research Team (VERT) keeps its finger on the cybersecurity pulse. Check out some of the stories that stood out for us recently: WordPress forced the patching of WooCommerce Plugin The WooCommerce Plugin is subject to a privilege escalation vulnerability where an unauthenticated attacker could gain admin access to vulnerable stores. This vulnerability allows attackers to impersonate administrators and take over vulnerable websites. At this point, the vulnerability was not publicly exploited on the internet. Admins that host their own installation of...

The Tripwire Vulnerability Exposure and Research Team (VERT) keeps its finger on the cybersecurity pulse. Check out some of the stories that stood out for us recently: Compromised Linux Endpoints can be isolated with Microsoft Defender Microsoft Defender for Endpoint can now isolate compromised Linux environments. This can potentially mitigate the amount of data attackers could obtain from infected systems. The network isolation feature cuts off access to the network, but it allows Defender for Endpoint to continue monitoring the system. It is possible to “release from isolation” when the...

The Tripwire Vulnerability Exposure and Research Team (VERT) are constantly looking out for exciting stories and developments in the cybersecurity world. Here’s what news stood out to us, including some comments on these stories. Vulnerabilities discovered in Netcomm and TP-Link Routers Netcomm routers are subject to an authentication bypass and a buffer overflow. Chaining these vulnerabilities together could allow attackers to execute arbitrary code. Vulnerable devices include NF20MESH, NF20, and NL1902 running software versions earlier than R6B035. TP-Link routers are subject to information...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of December 19th, 2022. I’ve also included some comments on these stories. NIST Recommends upgrading from SHA-1 The SHA-1 algorithm has reached the end of its usefulness, according to security experts at the National Institute of Standards and Technology (NIST) , and is being put out to pasture. NIST now recommends that IT professionals replace all existing instances of...