Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Mitigating and remediating intent-based Android security vulnerabilities

In previous posts we explored the potential for intent-based Android security vulnerabilities and then used Snyk Code to find exploits in popular apps on the Google Play store. If you know Snyk, you also know there’s no way we can just point out vulnerabilities and not recommend fixes. Analyzing such an extensive dataset enabled us to review a lot of code.

Snyk uncovers supply chain security vulnerabilities in Visual Studio Code extensions

We have been witnessing an ever growing amount of supply chain security incidents in the wild. Everything from open source package managers security flaws being exploited to continuous integration systems being compromised to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.

Deep dive into Visual Studio Code extension security vulnerabilities

To stay ahead of attackers, we constantly monitor various security threats. One of these threats — supply chain attacks — aims to compromise an organization through its software development process. Recently, a huge spike in supply chain attacks was observed — dependency confusion was discovered, the SolarWinds breach was reported and more malicious packages were flagged. This certainly drew our attention (as well as the rest of the world’s)!

Detecting and Mitigating CVE-2021-25737: EndpointSlice validation enables host network hijack

The CVE-2021-25737 low-level vulnerability has been found in Kubernetes kube-apiserver where an authorized user could redirect pod traffic to private networks on a Node. The kube-apiserver affected are: By exploiting the vulnerability, adversaries could be able to redirect pod traffic even though Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range.

OWASP Top 10: Insufficient Logging & Monitoring Security Vulnerability Practical Overview

Insufficient Logging and Monitoring differs somewhat from the previous 9 risks. While it cannot lead to a direct intrusion, this risk is that you fail to detect the intrusion in a timely manner, a failure that can cost millions.

How to protect your Wi-Fi devices from new FragAttacks vulnerabilities

Fragmentation and aggregation attacks (FragAttacks) are WLAN vulnerabilities discovered by Mathy Vanhoef, who created this webpage to provide more information about them. Three of these vulnerabilities are 802.11 specification design flaws, and they are probably as old as the 802.11 specification itself. Aggregation was added in 802.11n, which means this vulnerability has been in the design for over 10 years. Nine of these vulnerabilities are implementation flaws.

What is Residual Risk? Why it Matters So Much in 2021

Residual risk is the threat or vulnerability that remains after all risk treatment and remediation efforts have been implemented. Even with an astute vulnerability sanitation program, there will always be vestiges of risks that remain, these are residual risks. Because they will always be present, the process of managing residual risk involves setting an acceptable threshold and then implementing programs and solutions to mitigate all risks below that threshold.

What's new and changed in CIS CSC version 8 - IG1

On May 18th 2021, the Center for Internet Security (CIS) released version 8 of the Critical Security Controls (CSC) - a business and technology agnostic set of recommendations that all organizations should consider and follow to prevent the most prevalent and dangerous attacks. In this blog series we discuss the ins and outs of the new guidance to get you up to speed with v8.