%term

Apache Struts 2 Remote Code Execution (CVE-2023-50164) - Cato's Analysis and Mitigation

Dec 17, 2023 By Dolev Moshe Attiya In Cato Networks

By Vadim Freger, Dolev Moshe Attiya On December 7th, 2023, the Apache Struts project disclosed a critical vulnerability (CVSS score 9.8) in its Struts 2 open-source web framework. The vulnerability resides in the flawed file upload logic and allows attackers to manipulate upload parameters, resulting in arbitrary file upload and code execution under certain conditions. There is no known workaround, and the only solution is to upgrade to the latest versions, the affected versions being.

Read Post

Cato Networks

Read more about Apache Struts 2 Remote Code Execution (CVE-2023-50164) - Cato's Analysis and Mitigation

Implementing tenant isolation in multi-tenant Kubernetes clusters

Dec 15, 2023 By Rui De Abreu In Tigera

One recurrent point in our first interaction with Kubernetes users is the difficulty of implementing security controls on their Kubernetes clusters where tenant or workload isolation is required during rollout or runtime. This happens due to one of the following reasons: Calico provides several features and capabilities to cover each one of the above points with Policy Recommendation, Policy Board, and Dynamic Service and Threat Graph.

Read Post

Tigera

Read more about Implementing tenant isolation in multi-tenant Kubernetes clusters

SOC Efficiency is the New Imperative

Dec 15, 2023 By Michael Bacon In Forescout

The cybersecurity landscape is currently undergoing significant changes. Many organizations have followed the guidance of analysts by investing in top-of-the-line products and solutions. However, they are now facing unexpected challenges. These challenges include steep financial burdens, a lack of the expected return on investment, and the persistent ability of hackers to breach their security defenses.

Read Post

Forescout

Read more about SOC Efficiency is the New Imperative

Why you should use rotating proxies for web scraping

Dec 14, 2023 By SecuritySenses In SecuritySenses

Because data is an invaluable asset in an increasingly digitized world, companies are trying to get a competitive edge by acquiring data sets that can provide crucial insights. While big players utilize machine learning and Big Data, these technologies might be off-limits or too expensive for some companies. One of the most affordable alternatives to traditional Big Data research is web scraping, a technique of extracting data from websites through software. It is estimated that the web scraping industry has already surpassed $4 billion and is projected to reach $16 billion by 2035.

Read Post

SecuritySenses

Read more about Why you should use rotating proxies for web scraping

Forward Networks Named to Fortune Magazine 2023 Cyber 60 List

Dec 13, 2023 By Forward Networks In Forward Networks

Forward Networks announces that it has been named to the Fortune Magazine 2023 Cyber 60 List. Fortune compiled this prestigious list of the 60 most successful companies in the cybersecurity space after reviewing a pool of several hundred entries.

Read Post

Forward Networks

Read more about Forward Networks Named to Fortune Magazine 2023 Cyber 60 List

Resolving human error in application outages: strategies for success

Dec 13, 2023 By Malynnda Littky-Porath In AlgoSec

Application outages caused by human error can be a nightmare for businesses, leading to financial losses, customer dissatisfaction, and reputational damage. While human error is inevitable, organizations can implement effective strategies to minimize its impact and resolve outages promptly.

Read Post

AlgoSec

Read more about Resolving human error in application outages: strategies for success

Top 5 Disadvantages of VPN | Talk Data To Me

Dec 13, 2023 By Lookout In Lookout

On this episode of Talk Data To Me, host Hank Schless brings on security expert Tricia Nagar to discuss why #VPNs are inadequate for protecting data in a hybrid work environment and what you can do to resolve those issues.

View Video

Lookout

Read more about Top 5 Disadvantages of VPN | Talk Data To Me

The 443 Podcast - Episode 272 - Bluetooth Busted

Dec 13, 2023 By WatchGuard In WatchGuard

This week on the podcast, we cover a new unauthenticated keystroke injection vulnerability in the Bluetooth implementation on nearly every type of device. After that we discuss Logofail, a suite of vulnerabilities in most UEFI boot implementations that could let threat actors easily hide their tracks. We end by covering a recent CISA advisory on Adobe ColdFusion exploits in the wild. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

View Video

WatchGuard

Read more about The 443 Podcast - Episode 272 - Bluetooth Busted

Evolving network security: AlgoSec's technological journey and its critical role in application connectivity

Dec 13, 2023 By Nitin Rajput In AlgoSec

Over nearly two decades, AlgoSec has undergone a remarkable evolution in both technology and offerings. Initially founded with the mission of simplifying network security device management, the company has consistently adapted to the changing landscape of cybersecurity.

Read Post

AlgoSec

Read more about Evolving network security: AlgoSec's technological journey and its critical role in application connectivity

Unlocking the secrets of a rock-solid cloud security game plan

Dec 13, 2023 By Malynnda Littky-Porath In AlgoSec

So, you’ve dipped your toes into the cloud, chasing after that sweet combo of efficiency, scalability, and innovation. But, hold up – with great power comes great responsibility. It’s time to build up those digital defenses against all the lurking risks that come with the cloud craze.

Read Post

AlgoSec

Read more about Unlocking the secrets of a rock-solid cloud security game plan

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Apache Struts 2 Remote Code Execution (CVE-2023-50164) - Cato's Analysis and Mitigation

Implementing tenant isolation in multi-tenant Kubernetes clusters

SOC Efficiency is the New Imperative

Why you should use rotating proxies for web scraping

Forward Networks Named to Fortune Magazine 2023 Cyber 60 List

Resolving human error in application outages: strategies for success

Top 5 Disadvantages of VPN | Talk Data To Me

The 443 Podcast - Episode 272 - Bluetooth Busted

Evolving network security: AlgoSec's technological journey and its critical role in application connectivity

Unlocking the secrets of a rock-solid cloud security game plan

Monthly Archive

Follow Us