On October 3, 2023, the curl team preannounced a pending fix for a high-severity vulnerability, which impacts both libcurl and curl. Snyk products help you identify and fix vulnerable packages and containers, but this vulnerability impacts curl, a command-line tool that many developers use on a daily basis. It's also distributed with many operating systems, so we thought it would be beneficial to provide some tips on how you can get it upgraded on your system.
Researchers and vendors have conducted an investigation into volumetric DDoS attacks in the wild between August – October 2023 that has resulted in the discovery of a novel “rapid reset” technique that leverages stream multiplexing, a feature of the widely-adopted HTTP/2 protocol. Disclosed today, the HTTP/2 rapid reset vulnerability is being tracked as CVE-2023-44487 and has been designated a High severity vulnerability with a CVSS score of 7.5 (out of 10).
As a software engineer in a cloud-native world, you’re the first line of defense in web application security. Armed with a few best practices that have a huge impact, securing both the code you create and the code you compile can be simple. Here are five tips that make your role easier in protecting data with secure development.
Leadership skills are important for career growth in any industry, and cybersecurity is no exception. While you can certainly have a long, fulfilling career as a SOC analyst, you may be interested in moving up the ranks into a leadership position one day. Whether you aspire to be a SOC director or even a CISO, these tips will help you position yourself and develop the skills needed to move into a cybersecurity leadership role.
The Corelight App for Splunk provides the foundation for organizations to boost SOC effectiveness and productivity by using Corelight data in Splunk. In this blog, I’ll walk through how the Corelight App leverages Splunk’s Common Information Model (CIM) to enhance users' search experience when they are using Corelight data.
As people use social media and dating apps to connect with others, they risk falling victim to catfishing scams. However, catfishing can be easily spotted when looking for signs such as a request for money and a newly made account. It is best to know these signs to avoid any financial loss, data leaks or mental and emotional strain. Continue reading to learn more about what catfishing is, how dangerous it can be, the signs to look out for, how to deal with it and how to avoid it in the future.
With the new iPhone 15 release, scammers are taking advantage by impersonating mobile carriers or Apple support, claiming their target is eligible for a free or discounted iPhone upgrade. The scammer’s goal is to get their target to provide personal and financial information which is then used to attempt identity theft or make unauthorized charges. Read on to learn what signs to look out for and what to do if you fall victim to this iPhone 15 scam.
What Are Microsoft 365 LinkedIn Smart Links? LinkedIn Smart Links are a relatively new feature introduced by LinkedIn to simplify the way users share content, profiles, and documents within the platform. Smart Links allow you to share specific pieces of content, making it easier for connections to access information you deem relevant. Smart Links are dynamic, which means they change each time someone accesses the link.
Picture this: you’re a service organization that has aced your SOC 2 audit, and now your prospects are becoming customers at record speed as you prove your commitment to data security. But what happens in the interim period between one SOC report and the next? Enter the SOC 2 Bridge Letter, which fills the gap and keeps your compliance game on point. In this blog post, we’ll dive deep into the world of bridge letters, exploring their significance, components, and responsibilities.
