Mitigating Log4j Abuse Using Akamai Guardicore Segmentation

Learn how Akamai Guardicore Segmentation can help you reveal vulnerable servers and applications, and stop exploitation...

Event-Driven Architectures & the Security Implications

This article explores event-driven architecture EDA with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best practices for mitigating security concerns...

Anatomy of a Cloud-Service Security Update

Our security teams around the world focus on identifying and mitigating security issues as soon as possible while minimizing customer disruption. One of the challenges of a traditional security update is ensuring customers apply the protections promptly. We recently discussed the work that goes...

Anatomy of a Cloud-Service Security Update

Our security teams around the world focus on identifying and mitigating security issues as soon as possible while minimizing customer disruption. One of the challenges of a traditional security update is ensuring customers apply the protections promptly. We recently discussed the work that goes...

Anatomy of a Cloud-Service Security Update

Our security teams around the world focus on identifying and mitigating security issues as soon as possible while minimizing customer disruption. One of the challenges of a traditional security update is ensuring customers apply the protections promptly. We recently discussed the work that goes...

CISA Releases Log4Shell-Related MAR

From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis...

Data Distribution Service: Mitigating Risks Part 3

In the final chapter of our blog series, we discuss mitigating strategies and recommendations to keep DDS protected from malicious actors...

Complimentary GartnerⓇ Report "How to Respond to the 2022 Cyberthreat Landscape": Ransomware Edition

First things first — if you're a member of a cybersecurity team bouncing from one stressful identify vulnerability, patch, repeat cycle to another, claim your copy of the GartnerⓇ report “How to Respond to the 2022 Cyberthreat Landscape" right now. It will help you understand the current landscap...

Mitigating Attacks Against Uninterruptable Power Supply Devices

CISA and the Department of Energy DOE are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply UPS devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices, which provide emergen...

What is threat modeling ❓ Definition, Methods, Example

Threat modeling is a method for upgrading the security of an application, system, or business process by distinguishing objections and weaknesses, just as carrying out countermeasures to stay away from or alleviate the impacts of structure dangers. Threat modeling supports recognizing the securit...

Mageia: Security Advisory (MGASA-2018-0125)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Default credentials

In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default...

GHSA-QC9X-GJCV-465W Pipenv's requirements.txt parsing allows malicious index url in comments

Issue Summary Due to a flaw in pipenv's parsing of requirements files, an attacker can insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file e.g. with "pipenv install -r requirements.txt...

CVE-2021-43780

Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to gain access to their...

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Microsoft was quick to respond with a fix to an attack dubbed “PetitPotam” that could force remote Windows systems to reveal password hashes that could then be easily cracked. To thwart an attack, Microsoft recommends system administrators stop using the now deprecated Windows NT LAN Manager NTLM...

Upcoming Rapid7 Webcast: How Far Does Your VRM Strategy Go?

Web applications have been growing in complexity over the past several years, while also becoming the preferred method for attackers looking to capitalize on emergent technologies. This is a trend that will only persist and evolve, so it’s crucial to extend your web application testing strategy t...

Citrix Secure Mail for Android Security Update

Description of Problem Vulnerabilities have been discovered in CitrixSecure Mailfor Androidthatcould allowunauthorisedaccessto datawithinCitrix Secure Mail. These vulnerabilities have the following identifiers: CVE ID| Description| Vulnerability Type| Pre-conditions ---|---|---|--- CVE-2020-8274|...

Citrix Virtual Apps and Desktops Security Update

Description of Problem Vulnerabilities havebeen identified in CitrixVirtual Apps and Desktopsthat could, if exploited,result in: An authenticateduserof amulti-sessionWindowsVDA, who has been granted permission to write to c:\ root directory, being able toescalatetheir privilege levelon that...

RUSTSEC-2020-0073 Mutable reference with immutable provenance

A mutable reference to a struct was constructed by dereferencing a pointer obtained from slice::asptr. Instead, slice::asmutptr should have been called on the mutable slice argument. The former performs an implicit reborrow as an immutable shared reference which does not allow writing through the...