Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Firmware Vulnerabilities Run Rampant in Cellular Routers

The current state of OT/IOT security is being repainted with a new coat of risk. The shade of color? Cellular routers and the vulnerabilities within firmware. In our new report with Finite State, our joint research explores the risks organizations face within the software supply chains of OT/IoT routers. Hardware has firmware – operational software – within its memory components.

5 Snyk Alternatives and Why They Are Better

Snyk is widely recognized as one of the top security tools for developers, especially when it comes to finding vulnerabilities in open-source code, containers, and infrastructure as code. However, no tool is perfect for every scenario and access to the Snyk platform comes with a price tag. Depending on your needs, there may be Snyk alternatives that provide better integration, features, or just better value for money.

Introducing new Snyk AppRisk integrations: Enhancing application risk management with development context

In the fast-paced world of modern software development, grasping the full scope of an application is essential for managing an application security program. This entails having visibility into all the application assets involved in building the app, knowing their ownership, and understanding their importance to the development process and the broader business.

CVE-2024-4879 & CVE-2024-5217 Exposed - The Risks of RCE in ServiceNow

Recent critical vulnerabilities in ServiceNow, a widely used cloud platform, have put numerous organizations at risk of data breaches. Threat actors are exploiting these input validation flaws, enabling remote code execution and unauthorized access. Despite recent fixes, government agencies, data centers, and private firms remain targeted. This blog highlights how these flaws are exploited for data theft and outlines security measures to mitigate these risks.

Hotjar's OAuth+XSS Flaw Exposes Millions at Risk of Account Takeover

A critical flaw in Hotjar that combines XSS with OAuth putting millions of websites at risk, exposing user data and risking account takeovers. Hotjar, a trusted product experience insights platform used by over a million websites, including global brands like Adobe and Microsoft, offers powerful behavior analytics and feedback tools. These include Heatmaps, Recordings, Surveys, and Feedback, which help product teams understand user behavior and improve user experience (UX).

How to tell if your organization's credentials have been involved in a breach

Stolen credentials are the easiest route into your organization for a hacker. Verizon’s 2023 Data Breach Investigation Report found that threat actors used stolen credentials in 49% of attempts to gain unauthorized access to organizations. The problem IT teams face is knowing when credentials have been stolen or leaked in a breach – otherwise you’re waiting to respond to a security issue rather than handling it proactively.

Highlights of The 2024 Remediation Operations Report

As digital threats grow increasingly sophisticated, organizations must stay ahead by adopting advanced strategies to manage and mitigate vulnerabilities. This necessity has driven significant changes in how remediation operations are conducted, emphasizing the importance of continuous improvement and innovation. Seemplicity’s 2024 Remediation Operations Report revealed several key trends and practices that are shaping the future of remediation operations.

Nucleus Security Launches Nucleus Vulnerability Intelligence Platform to Accelerate Threat Assessment and Risk Mitigation

Nucleus Security announces the launch of its Nucleus Vulnerability Intelligence Platform. Nucleus Vulnerability Intelligence Platform enables enterprises to aggregate, analyze, and act on insights from government, open-source, and premium threat intelligence feeds while reducing manual effort, accelerating threat assessment, and promoting proactive remediation.