Tech,Space,Gaming, and Science Fiction News to wet your whistle
Internet-Exposed IBM BigFix Relays May Lead to Full Remote Compromise
Internet-facing relays in IBM BigFix deployments could lead to information disclosure and potential full remote compromise if not properly configured, Atredis Partners security researchers have discovered.
Tracked as CVE-2019-4061 and affecting BigFix Platform versions 9.5 - 9.5.11 and 9.2 - 9.2.16, the vulnerability is found in all deployments where relays that are exposed to the Internet are not configured as authenticating.
This misconfiguration could allow an unauthenticated, remote attacker to query the relay and gather information about the updates deployed to the associated sites.
"Internet-facing relays, if any, in a BigFix deployment might be configured as non-authenticating, which exposes the deployment to security risks," IBM notes in an advisory.
"Security attacks in this context might mean unauthorized access to the relays and any content or actions, and download packages associated with them or to the Relay Diagnostics page that might contain sensitive information (for example: software, vulnerability information, and passwords)," IBM continues.
According to Atredis Partners' security researchers, BigFix deployments with external relays that lack authentication expose a very large amount of information to unauthenticated external attackers, and could even lead to full remote compromise.
Some of the data an attacker could access includes server IP, server name, port numbers, digital signatures, and license information (details found in the masthead BigFix uses to publish info on installations), an index of configured sites, and a list of package names and versions.
The researchers also note that the BigFix data is still accessible to an attacker with access to the internal network or to an externally connected system with an authenticated agent, even if relay authentication is enabled.
"The best path to preventing a compromise through BigFix is to not include any sensitive content in uploaded packages," the researchers note.
An Internet-wide survey Atredis Partners conducted revealed the existence of 1,458 BigFix relay servers with relay authentication disabled. The researchers say they were able to query the masthead and obtain information on each of the discovered relays.
"This list included numerous government organizations, large multinational corporations, health care providers, universities, insurers, major retailers, and financial service providers, along with a healthy number of technology firms," the researchers reveal.
After being informed on the vulnerability, the BigFix team updated the documentation and took steps to notify affected customers, a process completed as of March 18, Atredis Partners says.
IBM recommends addressing the vulnerability by configuring Internet-facing relays in BigFix deployment as "authenticating". This would allow only BigFix clients in one's environment to connect to the relay and would also ensure that all communication will take place through TLS (HTTPS).
"This configuration also prevents any unauthorized access to the Relay Diagnostics page," IBM notes.
To enable the relays for authentication, one should head to the BES Support website and find the BES Client Settings: Enable Relay authentication fixlet. Next, they simply need to run the fixlet and wait for the action to finish.
By Liam McCabe This post was done in partnership with Wirecutter . When readers choose to buy Wirecutter's independently chosen editorial picks, it may earn affiliate commissions that support its work. Read the full article here . After six summers of researching, testing, and recommending window air conditioners, we've learned that quiet and affordable ACs make most people the happiest—and we think the LG LW8016ER will fit the bill in most rooms. This 8,000 Btu unit cools as efficiently and effectively as any model with an equal Btu rating, and runs at a lower volume and deeper pitch than others at this price. Little extra features like a fresh-air vent, two-axis fan blades, and a removable drain plug help set it apart, too. The LG LW8016ER is a top choice for an office or den, and some people will find it quiet enough for a bedroom, too. If our main pic
Google has been regularly adding new language support to Gboard , its popular keyboard for iOS and Android. Today, it updated the Android version of its keyboard app with 18 new languages, according to the changelog. You can see the full list of languages the app now supports over at Google Support (over 400!) and download the app from the Google Play store . However, Android Police notes that, when looking at the Google Support list, it could only find 16 new languages or language varieties. These are: Arabic (Gulf) Buryat (Mongolia) Buryat (Russia) Cornish Gondi (Devanagari) Greek (Cyprus) Hakka Hausa (Ghana) Khorasani Turkic (Arabic) Lower Sorbian Mandeali Mundari (Bengali) Portuguese (Macau) Shekhawati Siberian Tatar Talysh (Russia). Additional changes include Japanese support for Android TV
Cuando llevas miles de horas gestionando entornos vSphere, es posible que te encuentres con situaciones o problemas extraños con tus VMs, como es el caso de este post, donde veremos... Leer más » La entrada Forzar el reinicio de una VM que no responde en vSphere aparece primero en Blog de Cenabit . via Latest imported feed items on VMware Blogs https://ift.tt/2OIPfR4 If New feed item from https://blogs.vmware.com/feed , then send me an email at kr