Exploit for Improper Handling of Length Parameter Inconsistency in Mongodb

MongoBleed CVE-2025-14847 – Vulnerability Checker Systemhaus Sc...

PCI DSS 4.0 FIM Requirements Simplified with Qualys File Integrity Monitoring

File Integrity Monitoring FIM is one of the essential requirements under PCI DSS 4.0. It helps organizations detect and respond to unauthorized changes in critical system files, configuration files, or content files, which is crucial for maintaining the security of cardholder data. Organizations...

Zero Trust + Deception: Join This Webinar to Learn How to Outsmart Attackers!

Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. To stay ahead of current and future attacks, it's essential to simplify and reframe your defenses. Zscaler Deception is a state-of-the-art next-generation deception technology seamlessly integrated with the...

The importance of combined user and data behavior analysis in anomaly detection

Muqeet Khan, Head of Sales Engineering Australia and New Zealand For decades security teams have understood the importance of tracking user behavior to identify potential cybersecurity threats. Behavior analysis systems first appeared in the early 2000s, and in 2015 Gartner officially defined Use...

Automating Agent-less Vulnerability Assessment for Intune Enrolled Mobile Devices

Most Mobile Device Management solutions lack critical functionality such as vulnerability assessment and patch management. Integration with a popular MDM like Microsoft Intune allows Qualys to provide automated onboarding and continuous scanning of your mobile devices, among other functions to...

Add Security Events to Your Monitoring Tools

Real-time monitoring is important in every organization because it enables stakeholders to understand what is happening at any given time and react quickly. There are a lot of systems and devices we can and should monitor using tools such as application performance monitoring, digital performance...

Why You Need Cloud-Based Security for Agile, Innovative and Lean IT

Digital transformation isn't just a buzzworthy trend or a finite phase for today's businesses. Rolling adaptation to an ever-changing environment and continuous digital evolution has become the new normal for enterprises -- the key to success in this agile, demanding, and hyper-connected age. To...

Excerpts From: Do More with Less—How Endpoint Security in the Cloud is Helping Companies Stay Secure

If you're responsible for security at your company, you know that you're held back by things like limited budgets, a lack of skilled personnel, and too many security products complicating your stack. In Carbon Black’s recent webinar, we discussed how endpoint security in the cloud can simplify yo...

Partner Perspectives: Extend Visibility Without Expanding Your Team

The best partnerships seem destined from the start - Han Solo and Chewbacca, Mario and Luigi - even newer partners, like Groot and Rocket. The best partners combine their strengths to expand the opportunities available to them. This is true of partnerships in cybersecurity stay with us here. Bett...

Make Application Access IT-Friendly

More and more companies are looking at alternatives to VPNs due to the security risks associated with network level access. And increasingly, the goal is to eliminate network trust through a zero trust architecture - which is one of the primary reasons many of these organizations are deploying...

Maximize security insights by integrating threat intelligence data from Akamai with your SIEM

Since 2005, when Gartner coined the term, SIEM Security Information and Event Management solutions have grown in importance for the security industry. SIEM solutions provide a centralized view to easily access and analyze security information from multiple sources, and then prioritize mitigation...

Superior and safe user experiences with the Akamai Cloud Delivery Platform

Your customers are unique and they all expect fast, secure, personalized digital experiences. They are spread across the world, in regions of varying network connectivity, utilize a plethora of devices and screen sizes - making it challenging to deliver your experiences. By delivering 95 Exabytes...

Dropbox: CSV Injection with the CVS export feature

The report mentions a well known problem with any CSV export function. If the exported data has an Excel formula, the user will be warned and if the user clicks through a warning they might get some code execution. At the same time, fixing this bug means that the CSV data is no longer correct and...

PowerShell Incident Response: Psrecon

Psrecon is an open source script that you can use to gather data from a remote Windows host using PowerShell v2 or later, organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushe...

[ThreatFactor NSIA v1.0.6] Network System Integrity Analysis

ThreatFactor NSIA is a website scanner that monitors websites in real-time in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any...

Metasploit Pro 4.0 released - Enterprise Integration, Cloud Deployment & Automation

Metasploit Pro 4.0 released - Enterprise Integration, Cloud Deployment & Automation Rapid7 launched Metasploit Pro 4.0, a penetration testing solution that provides security professionals with a better view of their threat landscape by integrating with more than a dozen vulnerability management...