The CVE-2021-25735 medium-level vulnerability has been found in Kubernetes kube-apiserver that could bypass a Validating Admission Webhook and allow unauthorised node updates. The kube-apiserver affected are: You are only affected by this vulnerability if both of the following conditions are valid: By exploiting the vulnerability, adversaries could bypass the Validating Admission Webhook checks and allow update actions on Kubernetes nodes.

All security flaws should be fixed, right? In an ideal world, yes, all security flaws should be fixed as soon as they’re discovered. But for most organizations, fixing all security flaws isn’t feasible. A practical step your organization can – and should – take is to prioritize which flaws should be fixed first.

Modern software development is full of security risk. Factors like lingering security debt, insecure open source libraries, and irregular scanning cadences can all impact how many flaws dawdle in your code, leading to higher rates of dangerous bugs in susceptible and popular languages.

Earlier this year, Kaspersky researchers discovered a zero day exploit hidden in Desktop Windows Manager. The exploit, designated as CVE-2021-28310, is known as an escalation of privilege (EoP) exploit, which allows attackers to gain access or a higher-level user permission to systems and platforms than an administrator would permit. Though patches have since been released, it’s not yet known how extensive the damage from this zero day exploit is yet.

Vulnerabilities are weaknesses in the security infrastructure that bad actors can exploit to gain unauthorized access to a private network. It is nearly impossible for security analysts to patch 100% of the vulnerabilities identified on any given day, but a vulnerability management plan can ensure that the highest risk vulnerabilities (those that are most likely to cause a data breach), will be addressed immediately.

The mastermind that orchestrated the SolarWinds attack may finally have a name. On Thursday, April 15th, the White House officially announced that the Russian Foreign Intelligence Service (SVR) - also known as APT 29, Cozy Bear, and The Dukes - was responsible for the campaign that exploited the SolarWinds Orion platform. But the attacks are not over yet. A joint advisory from the U.S.

The Code Dx team is pleased to announce the general availability (GA) of Code Dx 5.3, which notably features an integration with Snyk to help customers integrate open source and container security into their continuous development processes. As we move toward a cloud native world, we’re working to ensure that developer-first tooling, secure cloud infrastructure, container security, and open source tools are fully integrated into Code Dx 5.3.

Insecure Deserialization is #8 in the current OWASP Top Ten Most Critical Web Application Security Risks. It is difficult to exploit, but successful attacks can lead to remote code execution.

The CVE-2021-20291 medium-level vulnerability has been found in containers/storage Go library, leading to Denial of Service (DoS) when vulnerable container engines pull an injected image from a registry. The container engines affected are: Any containerized infrastructure that relies on these vulnerable container engines are affected as well, including Kubernetes and OpenShift.

To understand how often vulnerability scanning should be performed, it’s important to delve into the drivers behind this objective. Vulnerability management includes the treatment of risks identified during the vulnerability assessments. This is a vital element of the risk management regime for any organisation. Without making informed choices around risk appetite, an organisation may not get the best out of a vulnerability management programme.

Financial services are big targets for cybercrime. As the world shifts from physical to online, credit unions are doubling down on web applications to improve access and ensure vital financial services for their members. But with that comes greater security risks. In this benchmark study, we analyze the Top US Credit Unions with our attack surface analysis tool to highlight security weaknesses they should watch out for.

Monitoring your on-prem and hybrid cloud infrastructure has always been important. With an ever-growing rise in cyber attacks, zero-day exploits, and insider threats, keeping track of your infrastructure has a renewed level of significance. Microsoft Exchange is one of the most prominent enterprise systems in use today, with both cloud and on-prem iterations.

With high-risk vulnerabilities popping up every other week, realising there is no such dream ‘patch everything’ and configuration changes slowly add up to weakening your infrastructure security. Vulnerability management and scanning are core components of a solid cyber security strategy, ensuring a sound risk management process. Vulnerability management helps an organisation keep an eye on their assets, both from asset management and operational security.

Detectify is on a mission to make the Internet safer through automation and crowdsourced hacker knowledge. We recently published “A guide to modern web application security” for SaaS and tech organizations looking to bring their security up to speed with development. Download your free copy of the guide here. Organizations are shipping code daily, making it challenging for security teams to keep track of changes in the web application and keep up with new security threats.

Hidden deep in Google’s release notes for the new version of Chrome that shipped on March 1 is a fix for an “object lifecycle issue.” Or, for the less technically inclined, a major bug. Bugs like these have been common in Chrome, leading some to wonder whether the world’s most popular web browser is as safe as it could be? Google created Chrome as a secure browser and has loaded it with a growing set of security features along the way.

Since the release of CVE-2020-8554 on GitHub this past December, the vulnerability has received widespread attention from industry media and the cloud security community. This man-in-the-middle (MITM) vulnerability affects Kubernetes pods and underlying hosts, and all Kubernetes versions—including future releases—are vulnerable. Despite this, there is currently no patch for the issue.

Cross-site scripting (XSS) is #7 in the current OWASP Top Ten Most Critical Web Application Security Risks – and the second most prevalent web application vulnerability. It is thought to exist in two-thirds of all applications.

It’s official! Snyk Container offers support for scanning container images stored in the popular open source container registry, Harbor. Snyk Container helps you find and fix vulnerabilities in your container images, and now it integrates with Harbor as a container registry, enabling you to import your projects and monitor your containers for vulnerabilities. Snyk tests the projects you’ve imported for any known security vulnerabilities found, testing at a frequency you control.

We’re excited to share that you can now scan container images stored in Red Hat’s Quay container registry and their hosted Quay.io service with Snyk Container. Snyk Container helps you find and fix vulnerabilities in your container images and integrates with Quay as a container registry to enable you to import your projects and monitor your containers for vulnerabilities, as is fully described in our Snyk Container documentation.

CISA, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to urgently conduct the scans following widespread exploitation of vulnerabilities, in fear that some compromises may have remained undetected.