Resources

Publications

Article about EPAS published in "Inspire", a Research Australia magazine

Detack and its Australian partner Why Not Consulting Group have published an article in "Inspire", a magazine published regularly by Research Australia. The September 2020 version is a special COVID-19 edition, and our article is about EPAS (Enterprise Password Analytics System) and the frequent cyber-attacks in the healthcare sector. The article can be downloaded below:

DOWNLOAD

Guidelines Concerning "State of the Art in IT Security"

The term "state of the art" is everywhere: companies are urged to adapt their IT security to it. However, the expression is not further defined or explained. For this reason, the Bundesverband IT-Sicherheit e.V. (the German Association for IT Security / TeleTrusT) has set up a special working group to draw up guidelines on the state of the art. As a member of this task force, Detack GmbH was actively involved in creating these guidelines. The English version was published in cooperation with the European Union Agency for Network and Information Security (ENISA). The original publication can be found at: https://www.enisa.europa.eu/news/enisa-news/what-is-state-of-the-art-in-it-security

DOWNLOAD

EPAS INTEGRATED WITH CYBERARK APPLICATION IDENTITY MANAGER

Ludwigsburg, March 13th, 2018. Detack’s Enterprise Password Analytics System (EPAS) is now integrated with CyberArk Application Identity Manager and provides state-of-the-art password security assessment and enforcement on CyberArk-protected systems. Please find further information about the integration in the download below.

DOWNLOAD

EUROPEAN PATENT GRANTED FOR EPAS

Ludwigsburg, March 8th, 2018. Detack GmbH and its partner Praetors AG are proud to announce that the European Patent Office (EPO) has granted the patent no. EP2767922 for technology employed by its Enterprise Password Analytics System EPAS. Designated contracting states/countries: AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LI, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR.

DOWNLOAD

U.S. PATENT GRANTED FOR EPAS

Ludwigsburg, June 9th, 2016. Detack GmbH and its partner Praetors AG are proud to announce that the United States Patent and Trademark Office (USPTO) has granted the U.S. patent no. 9,292,681 B2 for technology employed by its Enterprise Password Analytics System EPAS.

DOWNLOAD

LAUNCH OF EPAS IN NORTH AMERICA

Ludwigsburg/Germany, February 25th, 2016 - Detack GmbH will be part of this year's RSA conference to introduce its unique Enterprise Password Analytics System EPAS to the North American market. As an independent supplier of high-quality IT security audits and in-house developed IT security products, Detack will be present in San Francisco from February 29 – March 3 as part of the German pavilion, North Expo Booth N4020/03.

DOWNLOAD

Launch of the EPAS Password Quality Enforcer

EPAS Enforcer is a password quality enforcement component, provided as a licensed feature of EPAS (Enterprise Password Analytics System). EPAS Enforcer for A/D integrates as an LSA filter on the Windows Active Directory domain controllers and ensures that passwords meet defined security requirements when set or changed, in line with a centralized policy mandated by the risk category of the information they protect. The new password is tested against the EPAS evaluation criteria and is accepted or rejected, depending on the defined security requirements. This means that formerly permitted passwords like “Password123” or “Secret!” are no longer accepted.

DOWNLOAD

Advisories

Recent Security Advisories published by Detack

CVE-2021-20238

It was determined that the OpenShift Container Platform 4 exposes sensitive data through ignition config without authentication, on Baremetal, OpenStack, oVirt, vSphere and KubeVirt deployments which do not have a separate internal API endpoint and allow access from outside the cluster to port 22623 from the standard OpenShift API Virtual IP address. This is a partial discovery. Read more...

CVE-2021-33924

The default deployment provided by the Ansible playbook for Confluent Platform installations, prior to cp-ansible versions 5.5.3 and 6.0.1, can enable an attacker to access an auxiliary component used for monitoring, which in some cases can lead to privilege escalation. Read more...

CVE-2021-33923

Confluent Ansible (cp-ansible) versions prior to 5.5.3 set insecure permissions on some of the sensitive local configuration files of the platform components. Read more...

CVE-2019-11674

A man-in-the-middle vulnerability was found in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability consists of invalid certificate validation and may result in a man-in-the-middle attack. Read more... (netiq.com)

ADVISORY-2019-BB01

BlackBerry UEM is missing security features which allow it to verify the integrity and authenticity of a work application, allowing attackers with operating system access on the Android and Apple iOS platforms to spoof the work application(s), and therefore access protected enterprise resources. Read more...

CVE-2019-11650

A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. Read more... (netiq.com)

CVE-2019-12731

The screen sharing software Mikogo by Snapview is affected by a privilege escalation vulnerability, allowing arbitrary users with access to a workstation provided with Mikogo to escalate their privileges and issue arbitrary commands in the context of the SYSTEM user. The vendor provides patched versions of the software which should be installed immediately. Read more...

CVE-2019-1692

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote attacker to access sensitive system usage information. Read more... (cisco.com)

CVE-2019-1682

A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device. Read more... (cisco.com)

CVE-2019-1592

A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. Read more... (cisco.com)

CVE-2019-1590

A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. Read more... (cisco.com)

CVE-2019-1589

A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. Read more... (cisco.com)

CVE-2019-1587

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. Read more... (cisco.com)

CVE-2019-1586

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device. Read more... (cisco.com)

CVE-2019-9005

The JIRA addon Power Scripts by cPrime was affected by improper authorizations, allowing any JIRA user to probe for and read arbitrary files from the underlying server file system. The vendor provides patched versions of the addon. Read more...

CVE-2019-1690

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. Read more... (cisco.com)

CVE-2019-1585

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. Read more... (cisco.com)

CVE-2019-6266

The Cordaware bestinformed Windows Client was affected by an insecure implementation of network level encryption, allowing an attacker to issue arbitrary commands to the client. The vendor provides patched versions of the client which should be installed immediately. Read more...

CVE-2019-6265

The Cordaware bestinformed Windows Client was affected by vulnerabilities which allowed for remote code execution and local privilege escalation. The vendor provides patched versions of the client which should be installed immediately. Read more...