New episode “In The Trend of VM” (#10): 8 trending vulnerabilities of November, zero budget VM and who should look for patches. The competition for the best question on the topic of VM continues.
Video on YouTube, LinkedIn
Post on Habr (rus)
Digest on the PT website
Content:
00:29 Spoofing – Windows NTLM (CVE-2024-43451)
01:16 Elevation of Privilege – Windows Task Scheduler (CVE-2024-49039)
02:16 Spoofing – Microsoft Exchange (CVE-2024-49040)
03:03 Elevation of Privilege – needrestart (CVE-2024-48990)
04:11 Remote Code Execution – FortiManager “FortiJump” (CVE-2024-47575)
05:19 Authentication Bypass – PAN-OS (CVE-2024-0012)
06:32 Elevation of Privilege – PAN-OS (CVE-2024-9474)
07:42 Path Traversal – Zyxel firewall (CVE-2024-11667)
08:37 Is it possible to Manage Vulnerabilities with no budget?
09:53 Should a VM specialist specify a patch to install on the host in a Vulnerability Remediation task?
10:51 Full digest of trending vulnerabilities
11:18 Backstage