33 matches found
kubei
Kubei is a flexible Kubernetes runtime scanner that scans worker nodes and Kubernetes nodes' images, providing accurate vulnerability assessments. It is a vulnerability scanner and CIS Docker scanner. The repository contains various files, including .dockerignore, .families.yaml,...
SUSE: Security Advisory (SUSE-SU-2025:02229-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
cvex
cvex A curated repository dedicated t...
CISA Releases Analysis of FY23 Risk and Vulnerability Assessments
CISA has released an analysis and infographic detailing the findings from the 143 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack path including tactics and steps a cyber threat actor...
Exploit for SQL Injection in Crmeb
CVE-2024-36837 / CNVD-2024-30128 POC write URL in url.txt and...
Attacks, Vulnerabilities and Actors 3 to 9 June 2024
For a detailed threat digest, download the PDF file here. Summary: HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week alone, HiveForce Labs has detected six executed attacks, reported nine vulnerabilities, and identified two active...
#StopRansomware: Akira Ransomware
Actions to take today to mitigate cyber threats from Akira ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable multifactor authentication (MFA) for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. 3. Regularl...
#StopRansomware: Play Ransomware
Actions to take today to mitigate cyber threats from Play ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable multifactor authentication (MFA) for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. 3. Regularly...
Cyber Signals: Sporting events and venues draw cyberthreats at increasing rates
Today we released the fifth edition of Cyber Signals, spotlighting threats to large venues, and sporting and entertainment events, based on our learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World...
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific class of bugs...
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2022 (FY22). The analysis details a sample attack path including tactics and steps a cyber threat actor...
Threat Exposure Management: An Overview
In recent years, the threat landscape has rapidly evolved, resulting in a growing number of cyber security incidents. This has led organizations to focus on the effective management of their threat exposure, as a means of mitigating the risk of cyber attacks. Threat exposure management is a...
Microsoft supports the DoD’s Zero Trust strategy
The Department of Defense (DoD) released its formal Zero Trust strategy today, marking a major milestone in its goal of achieving enterprise-wide implementation by 2027. The strategy comes at a critical time as United States government networks continue to face nearly half the global nation-state...
CISA Releases Analysis of FY21 Risk and Vulnerability Assessments
CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted across multiple sectors in Fiscal Year 2021 (FY21). The analysis details a sample attack path comprising 11 successive tactics, or steps, a cyber threat actor could ta...
5 Steps For Securing Your Remote Work Space
Use a VPN: Whether you’re connecting to company resources or a Zoom call, use a virtual private network (VPN). VPNs encrypt all of your online traffic to prevent hackers from capturing data in transit. Be sure to use a well-known VPN – they are widely available in software marketplaces...
CISA Releases Analysis of FY20 Risk and Vulnerability Assessments
CISA has released an analysis and infographic detailing the findings from the Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year (FY) 2020 across multiple sectors. The analysis details a sample attack path a cyber threat actor could take to compromise an organization with weaknesses...
Anatomy of a Security Super Bowl Dynasty, Part 2: The Offense
Imperva’s Directors of Technology in the Office of the CTO, Brian Anderson and Craig Burlingame, recently conducted an informal education session titled Creating a Security Super Bowl Dynasty. In this presentation, they used examples of how teams create consistent, sustainable success in American...
Security Drift – The Silent Killer
Global spending on cybersecurity products and services is predicted to exceed $1 trillion over the five-year period from 2017 to 2021, with different analysts predicting the Compound Annual Growth Rate (CAGR) at anywhere between 8 and 15%. It is not surprising to see this growth in spendin...
What is NYDFS?
NYDFS Cybersecurity Regulation, 23 NYCRR 500: On March 1, 2017, the New York State Department of Financial Services (NYDFS) introduced new cybersecurity regulations for financial services companies that address the growing threat posed by cyber-criminality to financial firms. They are intended to...