Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Three trends shaping software supply chain security today

Building software continues to look like an assembly line, with developers pulling resources from across the web to create applications. Although third-party resources have played an essential role in developing software for many years, the way that development teams use these external components looks different today.

CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

On August 21, 2024, SolarWinds released a second hotfix for SolarWinds Web Help Desk (WHD) version 12.8.3. This hotfix addresses a newly disclosed hardcoded credential vulnerability (CVE-2024-28987) that allows a remote, unauthenticated attacker to access internal functionality and modify data. Additionally, the hotfix resolves the Java deserialization remote code execution (RCE) vulnerability (CVE-2024-28986) disclosed the previous week and fixes functionality issues introduced by the first hotfix.

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.

Red Teaming vs Penetration Testing: Understanding the Differences

In today’s rapidly evolving cybersecurity landscape, organisations must stay ahead of emerging threats and vulnerabilities to remain competitive. Two critical approaches to bolster security are Red Teaming and Penetration Testing. While these terms are often used interchangeably, they serve different purposes and employ distinct methodologies. Understanding the differences between Red Teaming and Penetration Testing is essential for implementing an effective cybersecurity strategy.

Keeping Financial Services Organizations Secure in an AI World

When we talk about financial services and technology, security and regulatory compliance are always top of mind. And now, Generative AI has entered the chat - one of the most talked-about technologies of recent years. And Financial Services institutions have only begun to scratch the surface of what generative AI can do. The problem is, so have cyber threat actors. In this session from Splunk, and IDC, you’ll hear key insights into how financial services companies are improving their security posture in an AI World, and how those practices can benefit your organizations.

Secure Databases at the Point of Data: Rubrik Support for Oracle Databases on Windows Is Now Available

In today's data-driven world, protecting critical business information is paramount. We're excited to announce that Rubrik support for Oracle Databases on Windows is now available. This added support enables customers to bring Rubrik Security Cloud to even more of their mission-critical Oracle environments, providing a comprehensive, efficient, and reliable data protection solution for enterprises of all sizes.