BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@DTHAPA Y2K22 just 3 days in and it's starting great so far for ES and Exchange customers, can't wait what the remaining 362 days will bring :) --Michael@BWC
-
@ThK is Capture Client is involved my best guess it's in there, probably this WebProtection desaster again. It was causing DNS trouble when installed on a Windows DNS server for example. YMMV. --Michael@BWC
-
That's a bummer, HES is not affected it's a on-prem thing only it seems. --Michael@BWC
-
@SteveS that's probably the balance between security and convinience. Of course it would be more secure to NOT skip entering token for a period of time, but it's probably annoying for the endusers. When your PSK (it's shared and probably known to many) and your username/password gets compromised, access from external is…
-
@KinLeung yes, check over here: --Michael@BWC
-
@SteveS I personally wouldn't count the PSK as a factor, for me it starts with username/password and what comes afterwards. So in my opinion to provide real Multi-Factor you need username + password + OTP. PSK is to static to be real factor, IMHO. Your ideology may vary :) --Michael@BWC
-
@SteveS you can use GVC with Radius Authentication, last time I checked Radius Challenge/Response wasn't working, can't tell if this has changed. Workaround was to use password+otp while logging in. --Michael@BWC
-
@pmelchiori I cannot reproduce these kind of errors, no errors thrown when in the ARP Cache search field. Is this also happening when you access in Incognito Mode? Because you already checked on multiple Endpoints I guess we can root out any Cache, Plugin etc. issues. I'am lost at this point. --Michael@BWC
-
Another flaw detected, hopefully not relevant for ES, but should be addressed no matter what. https://www.securityweek.com/another-remote-code-execution-vulnerability-patched-log4j --Michael@BWC
-
@pmelchiori I checked again on a TZ 270 this time, filtering is working as expected. It seems you already checked on different endpoints, any common component which could interfere, e.g. Endpoint Security, Brower Plugin etc.? Does your Browser Console throw any errors when trying to filter? --Michael@BWC
-
Hi Steph, merry christmas. This might be well known allready, I don't use it myself, but others are struggling too: --Michael@BWC
-
@Craig_S it's available for ES 5000 and 7000, but still missing for VMware and Hyper-V --Michael@BWC
-
Maybe the next update for on-premise deployments is near, at least HES got another update to 10.0.13.7219. This is all speculation, because as usual there is no specific information from SNWL. --Michael@BWC
-
DMARC does not seems to be strong suit of Email Security, while waiting for the answer about the failing incoming DMARC reporting I found another flaw in outbound DMARC reports, which render them probably useless. The XML generated by ES is not compliant to RFC7489, it should contain a record like this: <identifiers>…
-
Well, it keeps on coming, CVE-2021-45105 is the new member of the log4j debacle, CVSS 7.5 (High). It seems another patch with log4j 2.16 is coming, according to PSIRT, but this will not cover the above. 2.17 is the recommended version (by now). I already added this to my Engineering Ticket, but I'am sure SNWL is aware…