Vulnerabilities
Malvertising and Google Ads: Protecting High Net-Worth Individuals and Executives
Do you use Google’s Search functionality to find products or services to solve a problem you have? I’m guessing that the majority of people reading this article do this regularly or have ...
‘Netfetcher’ package drops illicit ‘node’ binary on Windows
Recently identified PyPI packages called "netfetcher" and "pyfetcher" impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of ...
Palo Alto Networks Shines Light on Application Services Security Challenge
An analysis published by Palo Alto Networks finds a typical large organization adds or updates over 300 services every month, with those new and updated services being responsible for approximately 32% of ...
The Zenbleed Vulnerability: How to Protect Your Zen 2 CPUs
The Zenbleed vulnerability exploits a flaw in the speculative execution mechanism of AMD Zen 2 CPUs. It affects the entire Zen 2 range, even extending to AMD’s EPYC data center chips. As ...
CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability
In a recent security advisory, Microsoft disclosed a high-severity vulnerability identified as CVE-2024-38063. This critical Remote Code Execution (RCE) flaw, rated with a CVSS score of 9.8, poses a significant... The post ...
Maintaining the Security of CPS & IoT Systems
(Part 2 of our 3 part 2024 Summer IoT Security Series)Once a new CPS/IoT system is deployed, secured, and delivering the business value you intended it to, it’s time to focus on ...
Cato Networks Reports Spike in Attempts to Exploit Log4j Vulnerabilities
A report published today by Cato Networks finds three years after its discovery in 2021 there was a 61% increase in attempts to exploit Log4j vulnerabilities in inbound traffic and a 79% ...
Aqua Security Researchers Disclose Series of AWS Flaws
Aqua Security this week at the Black Hat USA 2024 conference revealed that it has discovered six vulnerabilities in the cloud services provided by Amazon Web Services (AWS) ...
Salt Security Extends Scope of API Security Platform
Salt Security this week extended its core platform to make it easier to discover and govern application programming interfaces (APIs) ...
Tenable Adds Ability to Prioritize Vulnerabilities by Threat Level
Tenable this week at the Black Hat USA 2024 conference added an ability to identify the vulnerabilities in an IT environment that should be remediated first based on the actual threat they ...
