We have been witnessing an ever growing amount of supply chain security incidents in the wild. Everything from open source package managers security flaws being exploited to continuous integration systems being compromised to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.

To stay ahead of attackers, we constantly monitor various security threats. One of these threats — supply chain attacks — aims to compromise an organization through its software development process. Recently, a huge spike in supply chain attacks was observed — dependency confusion was discovered, the SolarWinds breach was reported and more malicious packages were flagged. This certainly drew our attention (as well as the rest of the world’s)!

The CVE-2021-25737 low-level vulnerability has been found in Kubernetes kube-apiserver where an authorized user could redirect pod traffic to private networks on a Node. The kube-apiserver affected are: By exploiting the vulnerability, adversaries could be able to redirect pod traffic even though Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range.

Insufficient Logging and Monitoring differs somewhat from the previous 9 risks. While it cannot lead to a direct intrusion, this risk is that you fail to detect the intrusion in a timely manner, a failure that can cost millions.

Security Logging and Monitoring Failures is #9 in the current OWASP top Ten Most Critical Web Application Security Risks.

Fragmentation and aggregation attacks (FragAttacks) are WLAN vulnerabilities discovered by Mathy Vanhoef, who created this webpage to provide more information about them. Three of these vulnerabilities are 802.11 specification design flaws, and they are probably as old as the 802.11 specification itself. Aggregation was added in 802.11n, which means this vulnerability has been in the design for over 10 years. Nine of these vulnerabilities are implementation flaws.

Residual risk is the threat or vulnerability that remains after all risk treatment and remediation efforts have been implemented. Even with an astute vulnerability sanitation program, there will always be vestiges of risks that remain, these are residual risks. Because they will always be present, the process of managing residual risk involves setting an acceptable threshold and then implementing programs and solutions to mitigate all risks below that threshold.

On May 18th 2021, the Center for Internet Security (CIS) released version 8 of the Critical Security Controls (CSC) - a business and technology agnostic set of recommendations that all organizations should consider and follow to prevent the most prevalent and dangerous attacks. In this blog series we discuss the ins and outs of the new guidance to get you up to speed with v8.

PHP is used extensively to power websites. From blogging to ecommerce, it’s embedded in our everyday lives and powers much of the internet we use today. According to a Wappalyzer report on top programming languages of 2020, PHP has a 79% market share of backend languages used on the internet today. One of the biggest challenges with PHP libraries over the years has been package management. There have been a few ways to easily install and maintain libraries including PECL, CPAN.

As the pandemic starts to fade, it can be easy to fall into a false sense of security. While there’s finally an end to COVID-19 insight, the cybersecurity pandemic rages on. 2020 was a record year for cybercrime, and the same threats will plague 2021. Amid the disruptions of 2020, many businesses embraced remote work, cloud services, and IoT technologies. These changes, in turn, led to a shifting cybersecurity landscape as cybercriminals adapted and new threats emerged.

Our phones know a lot about us, so it’s important we can trust them. After discovering and then publishing our findings on SourMint — the malicious iOS ad SDK — the Snyk Security Team decided to dig deeper in the Android ecosystem. To do so, we leveraged Snyk Code to analyze and search for vulnerabilities in applications uploaded to the Google Play store.

Two weeks back, we published our annual State of Cloud Native Application Security report. If you haven’t seen it yet, here’s a TL;DR. We surveyed nearly 600 developers and security professionals to see how the shift to cloud native (digital transformation) has changed their security posture. Then we parsed the results, gleaned valuable insights, and put them in an interactive webpage.

If you know about a vulnerability, you can be certain that adversaries also know about it – and are working to exploit it. It sounds like a no-brainer; but using components with known vulnerabilities still makes #9 in the current OWASP list of the ten most critical web application security risks.

If you know about a vulnerability, you can be certain that adversaries also know about it – and are working to exploit it. It sounds like a no-brainer; but using components with known vulnerabilities still makes #6 in the current OWASP list of the ten most critical web application security risks.

As per UK DCMS’s data breaches survey, about 32% of businesses in the UK have faced a form of cybersecurity threat between 2018 and 2019. As a result of these network security vulnerabilities, these businesses incurred costs on lost data and many other damages that totalled £4,180.

SuiteCRM is a free and open source Customer Relationship Management application for servers. This advisory details a PHAR deserialization vulnerability that exists in SuiteCRM which could be leveraged by an authenticated administrator to execute commands on the underlying operating system. This issue has been fixed in release 7.11.19. In PHP, PHAR (PHP Archive) files can be used to package PHP applications and PHP libraries into one archive file.

Today we’ve arrived at another significant achievement at Astra Security. After months of preparation, development, and design, we’ve officially launched our new Security Scan platform. From addition of more security tests to new dashboard design, the new platform will make pentesting a breeze for you. Our new and simple to utilize UI guarantees that your dev and security groups can rapidly and safely associate with pentest discoveries and resolve them easily.