vulnerability
Vulnerabilities and cyberattacks that marked the year 2021
Rapid7 announced the release of a report examining the 50 most notable security vulnerabilities and high-impact cyberattacks in 2021. On any given day, security professionals …
Spring4Shell: New info and fixes (CVE-2022-22965)
In this video for Help Net Security, Ax Sharma, Senior Security Researcher at Sonatype, talks about the latest developments regarding Spring4Shell, the unauthenticated RCE …
JavaScript security: The importance of prioritizing the client side
In this interview with Help Net Security, Vitaliy Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code, …
Spring4Shell: No need to panic, but mitigations are advised
Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …
The benefits of implementing continuous security in the development lifecycle
Wabbi published new research with IDG that finds companies utilizing continuous security have decreased vulnerabilities by 50%. The study focused on the integration of …
Attackers are exploiting recently patched RCE in Sophos Firewall (CVE-2022-1040)
A critical vulnerability (CVE-2022-1040) in Sophos Firewall is being exploited in the wild to target “a small set of specific organizations primarily in the South Asia …
The security gaps that can be exposed by cybersecurity asset management
Cybersecurity asset management does not come with the excitement following the metaverse, blockchain, or smokescreen detection technologies, but it is essential for the …
Subdomain takeover attacks on the rise and harder to monitor
A research from Detectify found that subdomain takeovers are on the rise but are also getting harder to monitor as domains now seem to have more vulnerabilities in them. In …
Three steps to secure an organization during mergers and acquisitions
Since 2000, there have been over 790,000 merger and acquisition (M&A) transactions announced globally, consisting of a value over 57 trillion dollars. While these …
Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)
Veeam Software has patched two critical vulnerabilities (CVE-2022-26500, CVE-2022-26501) affecting its popular Veeam Backup & Replication solution, which could be …
The massive impact of vulnerabilities in critical infrastructure
In this interview with Help Net Security, Michael Johnson, Board of Directors at Safe Security, talks about the importance of critical infrastructure security, why attacks on …
The importance of building in security during software development
Checkmarx released the UK findings of its report which found that 45% of organizations have suffered at least two security breaches as a direct result of a vulnerable …