Lucene search
K

1393 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2022/02/28 12:0 a.m.13 views

Why IaC Security Should Matter to CISOs

Explore how secure infrastructure-as-code IaC enables security leaders to help DevOps teams quickly deliver more business value...

2.7AI score
Exploits0
ThreatPost
ThreatPost
added 2022/02/16 4:3 p.m.340 views

High-Severity RCE Bug Found in Popular Apache Cassandra Database

Researchers have shared details about a now-patched, high-severity security bug in the Apache Cassandra open-source NoSQL distributed database that’s easy to exploit and, if left unpatched, could enable attackers to gain remote code execution RCE. The bug, which involves how Cassandra creates...

9.1CVSS9.3AI score0.54889EPSS
Exploits7References11
vulnersOsv
vulnersOsv
added 2022/02/16 12:1 a.m.5 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.logmein:pipeline-bamboo (>=0.0.1 <=0.0.2) +94 more potentially affected by CVE-2022-25173 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2.92)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.3.0, =1.0, =0.9.0, =1.0, =1.22, =0.0.8, =y - io.fabric8.pipeline:kubernetes-pipeline-aggregator =1.3 and more Source cves: CVE-2022-25173 Source advisory: OSV:GHSA-4M7P-55JM-3VW...

8.8CVSS7.2AI score0.01422EPSS
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/01/14 12:0 a.m.12 views

Analyzing DevSecOps vs. DevOps

Learn the difference between DevSecOps and DevOps and get tips to smoothly embed security throughout the entire build lifecycle...

1.4AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/01/05 12:0 a.m.8 views

Workshop: Building Modern Applications with DevOps Security

In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility...

2.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/01/05 12:0 a.m.11 views

Apache Log4j: Mitigation for DevOps

What can DevOps teams do to mitigate Apache Log4j risks? Explore how to secure your apps for today and against future vulnerabilities...

2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/01/04 5:0 p.m.18 views

What you need to know about how cryptography impacts your security strategy

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post of our Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla talks with Taurus SA Co-founder...

7.1AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/12/29 12:0 a.m.16 views

Top 5 DevOps Resource Center Articles of 2021

We look back on the 5 most popular DevOps Resource Center articles in 2021 to help you build at your best in 2022...

6.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 5:30 p.m.116 views

Security Bulletin: Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?

Summary Is Blueworks Live affected by CVE-2021-44228 Log4j Vulnerability? Vulnerability Details Please refer to the Flash Alert published here: Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. Off Related...

10CVSS0.7AI score0.99999EPSS
Exploits347
Kaspersky
Kaspersky
added 2021/12/16 12:0 a.m.181 views

KLA12396 RCE vulnerability in Microsoft Developer Tools

Remote code execution vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such...

10CVSS9.9AI score0.99999EPSS
Exploits347References4
GithubExploit
GithubExploit
added 2021/12/12 10:22 a.m.344 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-CVE-2021-44228 On December 5, 2021, Apache identified a...

10CVSS9.5AI score0.99999EPSS
Exploits347
Akamai Blog
Akamai Blog
added 2021/12/10 2:0 p.m.18 views

Announcing Property Manager Extensions for the Integrated Development Environment

We’re proud to announce the 1.0 release of the Property Manager extension to Visual Studio Code and Eclipse. With the new Property Manager extension, you can edit and validate Property Manager API PAPI JSON rule trees right from your integrated development environment IDE. It allows you to make a...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/12/09 6:59 a.m.36 views

Over a Dozen Malicious NPM Packages Caught Hijacking Discord Servers

At least 17 malware-laced packages have been discovered on the NPM package Registry, adding to a recent barrage of malicious software hosted and delivered through open-source software repositories such as PyPi and RubyGems. DevOps firm JFrog said the libraries, now taken down, were designed to gr...

0.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/12/06 7:0 p.m.12 views

Kubernetes Guardrails: Bringing DevOps and Security Together on Cloud

Cloud and container technologies are being increasingly embraced by organizations around the globe because of the efficiency, superior visibility, and control they provide to DevOps and IT teams. While DevOps teams see the benefits of cloud and container solutions, these tools create a learning...

6.8AI score
Exploits0
Qualys Blog
Qualys Blog
added 2021/11/19 4:32 p.m.18 views

QSC Day 2 Recap: Innovation Makes for Better Defense, Improves Resilience

If 2020 was the year of disruption, then 2021 was characterized by high-profile—and low-profile—cyberattacks against the likes of JBS Supply, Colonial Pipeline, and Kaseya. Three years that underscored the need for organizations not only to defend themselves but to become resilient to weather and...

7.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/11/17 12:0 a.m.12 views

Application Security 101

Everything DevOps teams need to know about web application security risks and best practices...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/11/08 7:41 p.m.22 views

Best practices in WAF gateways to meet the demands of digital transformation

Every day, digital transformation is changing every organization’s threat landscape. As a result, they are facing a dilemma about where and how to deploy their application security solution. One of the most common approaches that organizations take is to deploy a reverse proxy security solution i...

7.1AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/10/12 9:26 a.m.74 views

Guide: How to Hack API in 60 minutes or API Threats Simulation with Open-Source Tools

What is API? API is the abbreviation for Application Programming Interface, which is a product middle person that permits two applications to converse with one another. Useful link: Api security tutorial for beginners and professionals What Is API Testing: Benefits, Types, How To Start ‍OpenAPI...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/10/12 7:57 a.m.41 views

GitHub Revoked Insecure SSH Keys Generated by a Popular git Client

Code hosting platform GitHub has revoked weak SSH authentication keys that were generated via the GitKraken git GUI client due to a vulnerability in a third-party library that increased the likelihood of duplicated SSH keys. As an added precautionary measure, the Microsoft-owned company also said...

9.1CVSS0.1AI score0.02993EPSS
Exploits1
Imperva Blog
Imperva Blog
added 2021/10/06 1:41 p.m.27 views

Serverless protection for execution environments made easy

Serverless computing is transforming the way we build, ship, automate, and scale applications. With no infrastructure to manage, organizations can move from ideation to market faster, with virtually no operational overhead. Consequently, these enterprises can now focus on just the code that serve...

1.6AI score
Exploits0
Rows per page
Query Builder