This article aims to share timely and relevant information about a rapidly developing campaign under investigation. We are publishing it as early as possible for the benefit of the cybersecurity community, and we may provide updates in the near future once more details become available in our research.

Broken access control, the vulnerability category consistently ranking on the OWASP Top 10 Web Application Security Risks list, poses the most significant challenge for application security right now. Over-reliance on automated solutions to tackle these challenges creates a false sense of security and could have severe implications for application owners.

The financial sector is constantly adapting to emerging threats and regulatory changes. The New York Department of Financial Services (NYDFS) is at the forefront of cybersecurity regulation, ensuring that covered entities within the state maintain robust cybersecurity programs. In this blog post, we’ll dive into the recent changes to NYDFS regulations, specifically focusing on vulnerability management and an updated definition of risk assessment.

Containers offer a streamlined application deployment and management approach. Thanks to their efficiency and portability, platforms like Docker and Kubernetes have become household names in the tech industry. However, a misconception lurks in the shadows as containers gain popularity - the belief that active vulnerability scanning becomes redundant once containers are implemented.

This blog post series offers a gentle introduction to Rego, the policy language from the creators of the Open Policy Agent (OPA) engine. If you’re a beginner and want to get started with writing Rego policy as code, you’re in the right place. In this three-part series, we’ll go over the following.

On October 30, U.S. President Joseph Biden issued a sweeping Executive Order (“EO”) focused on making AI safer and more accountable.

All secured webservers are alike; each vulnerable webserver running on a network appliance is vulnerable in its own way. On October 16th 2023 Cisco published a security advisory detailing an actively exploited vulnerability (CVE-2023-20198) in its IOS XE operating system with a 10 CVSS score, allowing for unauthenticated privilege escalation and subsequent full administrative access (level 15 in Cisco terminology) to the vulnerable device.

On October 31st, Atlassian disclosed a significant security vulnerability tracked as CVE-2023-22518, affecting all versions of Confluence Data Center and Confluence Server software. This vulnerability, rated with a critical severity score of 9.1 in the Common Vulnerability Scoring System (CVSS), has the potential to result in substantial data loss if exploited by threat actors. Its critical nature arises from its capacity to inflict severe consequences on an organization’s data integrity.

During a recent customer engagement, we encountered an interesting situation. The customer had raised concerns about a Java XXE (XML External Entity) vulnerability that had left their developers puzzled. Notably, their Static Application Security Testing (SAST) scans consistently identified this as a potential vulnerability.