Do Not Install the Avahi Service

Avahi is a zero-configuration networking implementation, including a system for multicast DNS/DNS-SD service discovery and automatic broadcast. For example, you can connect a server to the network and use Avahi to automatically broadcast network services running on the server for other user to...

Do Not Use X11 Forwarding

The X11 forwarding function of SSH allows the GUI program of the remote host to be executed on the local host. If the X11 forwarding function is enabled, the attack surface is expanded and other users on the X11 server may attack the local host. If the function is not required in the service...

Do Not Enable Insecure SNMP Versions

Simple Network Management Protocol SNMP is a standard protocol designed to manage network nodes in IP networks. This protocol allows the exchange of network management and control data between network elements NEs. If SNMP is installed in scenarios where SNMP is not required, additional system...

CVE-2025-34203

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 VA and SaaS deployments contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components examples:...

Vasion Print Virtual Appliance Host和Vasion Print Application 安全漏洞

Vasion Print Virtual Appliance Host and Vasion Print Application are both products of Vasion Corporation of the U.S.A. Vasion Print Virtual Appliance Host is a print management software.Vasion Print Application is a printer management application. A security vulnerability exists in Vasion Print...

PT-2025-38601

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 Vasion Print formerly PrinterLogic Application versions prior to 20.0.2614 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and...

Exploring and Exploiting the Resource Isolation Attack Surface of WebAssembly Containers

Recently, the WebAssembly or Wasm technology has been rapidly evolving, with many runtimes actively under development, providing cross-platform secure sandboxes for Wasm modules to run as portable containers. Compared with Docker, which isolates applications at the operating system level, Wasm...

Understand the Attack Surface: Retail Supply Chain Cybersecurity Risks

...

PT-2025-36555

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS JAVA IIOP service affected versions not specified Description: The SAP NetWeaver AS JAVA IIOP service lacks randomness in assigning Object Identifiers. An authenticated attacker with low privileges could predict these...

UBUNTU-CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

Simple Steps for Attack Surface Reduction

Story teaser text: Cybersecurity leaders face mounting pressure to stop attacks before they start, and the best defense may come down to the settings you choose on day one. In this piece, Yuriy Tsibere explores how default policies like deny-by-default, MFA enforcement, and application Ringfencin...

Have You Turned Off Your Virtual Oven?

You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and stove were definitely turned off. Maybe even circle back again to confirm the front door was properly closed. These automatic safety checks give you peace of mind because you know the unlike...

Webinar: What the Next Wave of AI Cyberattacks Will Look Like — And How to Survive

The AI revolution isn't coming. It's already here. From copilots that write our emails to autonomous agents that can take action without us lifting a finger, AI is transforming how we work. But here's the uncomfortable truth: Attackers are evolving just as fast. Every leap forward in AI gives bad...

CISA Releases Part One of Zero Trust Microsegmentation Guidance

CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its ongoing efforts to support Federal Civilian Executive Branch FCEB agencies implementing zero trust architectures ZTAs. This guidance provides a high-level overview of microsegmentation, focusing on i...

CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025

The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most cases, ineffective against emerging threats and sophisticated threat actors. Prioritizing cybersecurity means implementin...

Coverage Plus Context Equals Intelligent Exposure Management

Common Vulnerabilities and Exposures CVEs is the standardized directory of publicly known software flaws that attackers can exploit to carry out cyber attacks. Vulnerability management solutions scan for CVEs to give you a list of all the gaps in your attack surface, but the volume of new...

CVE-2025-53364 Parse Server exposes the data schema via GraphQL API

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Starting in 5.3.0 and before 7.5.3 and 8.2.2, the Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While sche...

Securing the Frontier - Navigating Security in LLM-Integrated Systems

In the previous parts of this series, we've explored the exciting new ways Large Language Models LLMs can integrate with APIs and act as intelligent As we integrate LLMs deeper into our applications, the attack surface naturally expands...

sas-top-10

This is an educational guide for organizations adopting serverless architectures. The document, curated by top industry practitioners and security researchers, provides information on the top 10 security risks for serverless applications. The guide aims to assist organizations in building robust,...

CVE-2025-53003

The Janssen Project is an open-source identity and access management IAM platform. Prior to version 1.8.0, the Config API returns results without scope verification. This has a large internal surface attack area that exposes all sorts of information from the IDP including clients, users, scripts...