Common Vulnerabilities and Exposures (CVE)

May 15, 2022Posted inSecurityTags: , , ,
json feed of all apple related things. https://services.nvd.nist.gov/rest/json/cves/1.0?cpeMatchString=cpe:2.3:*:apple curl -s "https://services.nvd.nist.gov/rest/json/cves/1.0?cpeMatchString=cpe:2.3:*:apple" curl -s "https://services.nvd.nist.gov/rest/json/cves/1.0?cpeMatchString=cpe:2.3:*:apple:macOS:catalina" https://csrc.nist.gov/CSRC/media/Projects/National-Vulnerability-Database/documents/web%20service%20documentation/Automation%20Support%20for%20CVE%20Retrieval.pdf this is the documentation. of how to use their CVE feed hope this link works…

Log4j

April 4, 2022Posted inSecurity
Log4j lsof - list open files for log4j lsof | grep log4j https://github.com/isaacatmann/log4j-search/blob/main/log4j-search.sh https://community.jamf.com/t5/jamf-pro/log4j-vulnerability/m-p/254027 https://medium.com/@anchorbuoy_sftw/log4shell-log4j-zero-day-exploit-and-filemaker-server-e20ebe806e8a

Common Configuration Enumaration (CCE)

April 2, 2022Posted inSecurityTags: ,
The Common Configuration Enumaration (CCE) List provides unique identifiers to security-related system configuration issues in order to improve workflow by facilitating fast and accurate correlation of configuration data across multiple…

NIST SP 800-219 macOS Security Compliance Project (mSCP) Guidance

February 22, 2022Posted inApple, macOS Security Compliance Project (mSCP)Tags: , , ,
Apple; baseline; configuration management; endpoint device security; macOS; macOS Security Compliance Project (mSCP); operating system security; security compliance. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-219-draft.pdf This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-219-draft Jamf Pro…