This blog was written by a third party author Vulnerability scanning is the process of detecting and classifying potential points of exploitation in network devices, computer systems, and applications. This is done by inspecting the same attack areas used by both internal and external threat actors—such as firewalls, applications, and services that are deployed either internally or externally—to gain unauthorized access to an organization’s network and assets.

Because applications and software vulnerabilities are the most common external point of attack, securing applications is a top priority for most organizations. An essential component for reducing this risk is application security testing (AST). In this blog, we focus on interactive application security testing (IAST), the relative newcomer in the AST market.

A new vulnerability, CVE-2020-8557, has been detected in kubelet. It can be exploited by writing into /etc/hosts to cause a denial of service. The source of the issue is that the /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager, so it’s not taken into account when calculating ephemeral storage usage by a pod.

What the heck has happened on Twitter? Twitter accounts, owned by politicians, celebrities, and large organisations suddenly started tweeting messages to their many millions of followers, at the behest of hackers. What did the messages say? Here is a typical one which appeared on the account of rapper, songwriter, and optimistic Presidential candidate Kanye West and was distributed to his almost 30 million followers.

A wide range of privacy regulations govern how organizations collect, store and use personally identifiable information (PII). In general, companies need to ensure data confidentiality, avoid data breaches and leaks, and make sure data is not destroyed or altered in unauthorized ways. The consequences of lost or leaked PII data are significant. Of course, the individuals involved can be harmed from resulting identity theft and associated costs.

The goal of every life sciences company is to improve the lives of patients by getting their product to market. To do so often requires successfully completing a clinical trial. It goes without saying, however, that keeping the resulting data secure and compliant is paramount. Restricting access to only those that need it is an essential first step, but there is much more that needs to be done.

Inbox Automation such as forwarding, redirecting, and moving items around can be crucial to many business operations. For example today I was integrating receipt bank, a third party receipt and invoicing system which in turn integrates with our accounting software. Like many respectable third party systems, it supports a robust API for fetching invoices from my suppliers. However it does not do them all and like in many instances, mailbox automation comes in to help.

Gaining more popularity among hackers, man in the middle attacks aims to exploit the real time transfer of data. Keep reading to learn more! When attacking an organization, hackers are focused on being swift and stealthy. In order to successfully infiltrate, steal sensitive information or hurt an organization in various other ways, hackers must be able to go under the radar for a while.