Lucene search
+L

21 matches found

thn
thn
added 2025/08/11 11:25 a.m.7 views

6 Lessons Learned: Focusing Security Where Business Value Lives

The Evolution of Exposure Management Most security teams have a good sense of what's critical in their environment. What's harder to pin down is what's business-critical. These are the assets that support the processes the business can't function without. They're not always the loudest or most...

7.4AI score
Exploits0
thn
thn
added 2024/10/04 9:53 a.m.13 views

How to Get Going with CTEM When You Don't Know Where to Start

Continuous Threat Exposure Management CTEM is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of...

7.2AI score
Exploits0
hackread
hackread
added 2024/07/30 2:55 p.m.13 views

Adaptive Shield Showcases New ITDR Platform for SaaS at Black Hat USA

Amid rising breaches including Snowflake, the platform helps security teams proactively detect and respond to identity-centric threats in business-critical SaaS applications...

7.4AI score
Exploits0
thn
thn
added 2024/05/28 11:12 a.m.13 views

4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets

You're probably familiar with the term "critical assets". These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the...

6.7AI score
Exploits0
thn
thn
added 2024/05/23 11:14 a.m.11 views

Are Your SaaS Backups as Secure as Your Production Data?

Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing all this data cost us, and how quickly could w...

7AI score
Exploits0
code423n4
code423n4
added 2023/07/31 12:0 a.m.8 views

High - TemporalGovernor.sol - Malicious Governance Propsoals can interact with Metamorphic Contracts resulting in Business Critical Risk to the Protocol

Lines of code Vulnerability details High - TemporalGovernor.sol - Malicious Governance Propsoals can interact with Metamorphic Contracts resulting in Business Critical Risk to the Protocol Impact Due to the permisionless governance execution method, with no ascribed or implemented security...

7.3AI score
Exploits0
threatpost
threatpost
added 2022/06/16 1:27 p.m.9 views

7 Key Findings from the 2022 SaaS Security Survey Report

The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today’s enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security b...

7.4AI score
Exploits0References2
packetstorm
packetstorm
added 2021/06/15 12:0 a.m.328 views

SAP Netweaver JAVA 7.50 Missing Authorization

Onapsis Security Advisory 2021-0013: CVE-2020-26829 - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication Impact on Business A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication, in order to connect to the...

9CVSS0.4AI score0.04708EPSS
Exploits1
mmpc
mmpc
added 2021/05/19 6:0 p.m.53 views

Protecting SAP applications with the new Azure Sentinel SAP threat monitoring solution

As one of the leading solution providers for applications that manage business processes, SAP is the custodian for massive amounts of sensitive data in many of the biggest organizations in the world. Since these applications are business-critical, an SAP security breach can be catastrophic. Yet,...

7.7AI score
Exploits0
mmpc
mmpc
added 2020/11/23 5:0 p.m.38 views

IoT security: how Microsoft protects Azure Datacenters

Azure Sphere first entered the IoT Security market in 2018 with a clear mission—to empower every organization on the planet to connect and create secure and trustworthy IoT devices. Security is the foundation for durable innovation and business resilience. Every industry investing in IoT must...

7.5AI score
Exploits0
impervablog
impervablog
added 2020/05/13 12:58 p.m.38 views

Imperva Cloud WAF Customers Can Easily Integrate Advanced Bot Protection for Increased Security

Almost 25% of web traffic is bad bots, and only growing both in volume and sophistication. This information and more is available in Imperva’s annual Bad Bot Report 2020. What are bad bots? They are not benign. Bad bots plague websites, mobile applications, and APIs with the goal of high-speed an...

1.7AI score
Exploits0
trendmicroblog
trendmicroblog
added 2019/07/11 12:11 p.m.56 views

Migrating Network Protection to the Cloud with Confidence

For modern organizations, speed and agility is the key to success – built on enhanced IT efficiency and performance driven by the cloud. Anything less could see your business outpaced by the competition. As always, security must be a priority when migrating to the cloud, but network teams are bei...

7.1AI score
Exploits0
threatpost
threatpost
added 2018/08/24 10:7 p.m.332 views

PoC Code Surfaces to Exploit Apache Struts 2 Vulnerability

Proof-of-concept code found on the GitHub repository could allow attackers to easily take advantage of a recently identified vulnerability in the Apache Struts 2 framework. The vulnerability CVE-2018-11776, identified earlier this week, could allow an adversary to execute remote code on targeted...

9.3CVSS0.5AI score0.99993EPSS
Exploits41References7
threatpost
threatpost
added 2017/10/18 9:51 a.m.44 views

Critical Code Execution Flaw Patched in PeopleSoft Core Engine

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code...

7.5CVSS0.6AI score0.43492EPSS
Exploits4References4
exploitpack
exploitpack
added 2015/09/02 12:0 a.m.88 views

Cerb 7.0.3 - Cross-Site Request Forgery

Cerb 7.0.3 - Cross-Site Request Forgery Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14,...

6.8CVSS0.6AI score0.02617EPSS
Exploits5
zdt
zdt
added 2015/09/02 12:0 a.m.55 views

Cerb 7.0.3 Cross Site Request Forgery Vulnerability

Cerb version 7.0.3 suffers from a cross site request forgery vulnerability. Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patc...

6.8CVSS0.4AI score0.02617EPSS
Exploits5
securityvulns
securityvulns
added 2013/03/03 12:0 a.m.51 views

[Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection

Onapsis Security Advisory 2013-005: SAP CCMS Agent Code Injection This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new...

8.1AI score
Exploits0
erpscan
erpscan
added 2012/12/03 12:0 a.m.20 views

SAP Xcelsius - insecure crossdomain policy

Application: SAP Portal Xcelsius dashboards Vendor URL: http://www.sap.com Bugs: insecure crossdomain policy Exploits: YES Reported: 12.03.2012 Vendor response: 12.03.2012 Date of SAP Security Note Published: 08.01.2013 Date of Public Advisory: 29.01.2013 Reference: SAP Security Note 1412864...

7.3AI score
Exploits0
erpscan
erpscan
added 2012/10/02 12:0 a.m.24 views

SAP NetWeaver Mobile - XSS

Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: XSS Exploits: no Reported: 10.02.2012 Vendor response: 10.03.2012 Date of Public Advisory: 13.11.2012 Reference: SAP Security Note 1669031 Author: Alexander Polyakov ERPScan Description SAP NetWeaver...

6.5AI score
Exploits0
erpscan
erpscan
added 2012/10/02 12:0 a.m.18 views

SAP NetWeaver SDM - information disclosure and SMBRelay

Application: SAP NetWeaver SDM Versions Affected: SAP NetWeaver SDM Vendor URL: http://www.sap.com Bugs: Information Disclosure Exploits: YES Reported: 10.02.2012 Vendor response: 11.02.2012 Date of Public Advisory: 10.10.2012 Reference: SAP Security Note 1724516 Authors: Alexander Polyakov ERPSc...

0.4AI score
Exploits0
Rows per page
Query Builder