New episode “In The Trend of VM” (#10): 8 trending vulnerabilities of November, zero budget VM and who should look for patches. The competition for the best question on the topic of VM continues. 😉🎁
📹 Video on YouTube, LinkedIn
🗞 Post on Habr (rus)
🗒 Digest on the PT website
Content:
🔻 00:29 Spoofing – Windows NTLM (CVE-2024-43451)
🔻 01:16 Elevation of Privilege – Windows Task Scheduler (CVE-2024-49039)
🔻 02:16 Spoofing – Microsoft Exchange (CVE-2024-49040)
🔻 03:03 Elevation of Privilege – needrestart (CVE-2024-48990)
🔻 04:11 Remote Code Execution – FortiManager “FortiJump” (CVE-2024-47575)
🔻 05:19 Authentication Bypass – PAN-OS (CVE-2024-0012)
🔻 06:32 Elevation of Privilege – PAN-OS (CVE-2024-9474)
🔻 07:42 Path Traversal – Zyxel firewall (CVE-2024-11667)
🔻 08:37 Is it possible to Manage Vulnerabilities with no budget?
🔻 09:53 Should a VM specialist specify a patch to install on the host in a Vulnerability Remediation task?
🔻 10:51 Full digest of trending vulnerabilities
🔻 11:18 Backstage
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.