Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
As cliché as it may sound, security is done in layers and so, using our generic rules, we were able to provide 0-day protection against the recent Internet Explorer 0-day CVE-2012-4792 with our Secure Web Gateway (SWG). You can read more in our previous blog posts:
exploit analysis and payload analysis.
With today's release of Security Update 141 for SWG we are
adding detection rule which is specific to CVE-2012-4792, named "Internet
Explorer CDwnBindInfo Object use-after-free vulnerability". This rule will
provide another layer of defense against exploits of this vulnerability.
TURKTRUST Inc., a trusted CA, has incorrectly created two subsidiary certificates which one of them was later used to generate a fraudulent digital certificate of Google. That certificate
was then used in an active attack. As a result, SU141 is removing SWG trust of the following certificates:
For further information, see Microsoft's Security Advisory 2798897.
Security Update 141 comes with some more goodies. Here is a link to the release notes for further information.
Stay safe.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.