CVE-2024-30156

A flaw was found in the Varnish cache server, with HTTP/2 support enabled, that may allow a Denial of Service type of attack. A malicious actor can cause the server to run out of credits during the HTTP/2 connection control flow. As a consequence, the server will stop to properly process the acti...

NodeSecurityShield - A Developer And Security Engineer Friendly Package For Securing NodeJS Applications

A Developer and Security Engineer friendly package for Securing NodeJS Applications. Inspired by the log4J vulnerability CVE-2021-44228 which can be exploited because an application can make arbitrary network calls. We felt there is an need for an application to declare what privileges it can hav...

Introducing the Bot Endpoint Protection Report

Todays comprehensive monitoring capabilities in Security Center provide great insight into bot activity and countermeasures applied across your valuable web properties. Filter options allow you to focus on almost any desired detail. However, understanding what is happening on specific protected...

Lockheed Martin's Steve Adegbite on Cyber Intelligence Driven Defense

Steve Adegbite of Lockheed Martin discussed the need for a more intelligent method of network defense and how monitoring attackers and learning from their methods can be a valuable exercise...

Update Protection against a Vulnerability in Microsoft FrontPage Server Extensions Vulnerability (MS06-017)

FrontPage Server Extensions is a set of tools that can be installed on a Web site. They allow authorized personnel to manage the server, add or change content, and perform other tasks. A vulnerability was detected in Front Page Server Extensions that may allow an attacker take a variety of action...