Even more than two years after the first problems with Log4j became known, many scenarios are apparently still running unpatched versions of the logging library. Greenbone’s products help – especially in detecting outdated software. No one should take Log4j lightly as a done deal just because the vulnerability (CVE 2021-44228) has actually been fixed for […]
At its latest patchday, software manufacturer Microsoft patched a severe zero-day vulnerability that had been exploited by intelligence agencies and Russian hacker groups, among others, in the summer of 2022. Early on, Greenbone was able to provide a test in the process, helping companies find unpatched systems and secure data centers and clients. The CVE-2023-23397 […]
According to the latest study by Orange Security, 13 percent of the vulnerabilities found in today’s corporate networks were already known in 2012, and almost half of all gaps are more than five years old – and the trend is increasing. Professional vulnerability management such as the Greenbone product family can provide a remedy. The […]
A new wave of ransomware attacks has been threatening numerous servers in Europe. The attacks focus on the hypervisors in VMware’s virtualization server ESXi. Patches are available, Greenbone’s products can protect and help to find the vulnerability. The German BSI explicitly warns of the vulnerability and in its latest information on the security situation speaks […]
For almost two years, Greenbone has been adding more and more tests from the recommendations of the Center for Internet Security (CIS) in its security feed. Among the newest ones are benchmarks for the container management solution Docker. Docker is one of the most common container technologies in enterprise environments. Its increasing popularity within DevOps […]
In the 10th edition of its ENISA Threat Landscape (ETL), the EU’s cybersecurity agency explicitly warns of increasing threats from hacking attacks on public sector entities. Around a quarter of all security related incidents target administrative or government entities, the ENISA study reports – making the public sector nearly twice as much at risk as […]
The EuGH ruling known as “Schrems-II” on secure data exchange with the US has left a lot of legal uncertainty: Companies urgently need to adapt their contracts and a new solution is not in sight. It is time to switch to modern, data protection compliant and legally secure tools – such as the Greenbone Cloud […]
ViPNet Client integrated into Greenbone Vulnerability Management According to a report by ZDF Magazin Royale last Friday, there are growing fears that the VPN software “VIPNET”, from the company Protelion, a subsidiary of the Russian cybersecurity company O.A.O.Infotecs, could have security vulnerabilities. It is feared that the software, which Protelion distributes, could allow the Russian […]
We have developed a remote test for the Microsoft Exchange Server ProxyNotShell vulnerability GTSC2022. Update from 2022-10-13: The vulnerability still exists after the October patchday on Tuesday. The blog post of Microsoft’s Security Response Center is continuously updated by the company, the last entry is from October 08. The mentioned zero-day exploit in Microsoft Exchange […]
Greenbone is stepping up its commitment to open source and the community edition of its vulnerability management software. In addition to the open source code on Github, Greenbone now also provides pre-configured and tested Docker containers. Official containers from the manufacturer itself The Greenbone Community Containers are regularly built automatically and are also available for […]
