On September 27, 2023, Progress Software released a security advisory detailing multiple vulnerabilities in their WS_FTP Server product, including two with a critical severity rating. CVE-2023-40044 (CVSS 10) is a deserialization vulnerability that affects the Ad Hoc Transfer module and could allow a threat actor to obtain remote code execution if successfully exploited.

The widespread success and influence of Microsoft Visual Studio (VS) Code can be largely credited to its extensibility. While it's often categorized as a code editor, with the right knowledge and extensions, it can be so much more. For instance, it can also be used as a web browser, word processor, or file-management system. Microsoft also encourages developers to take advantage of VS Code's extensibility by making the VS Code API as accessible as possible.

WebP is an open-source image format developed by Google. WebP enables higher quality images in smaller file sizes. The package, released by Google, encodes and decodes images in WebP format and is used widely across the internet for lossless image compression.

Multi-factor authentication is an authentication method that asks for two or more authentications from users to get access to a resource or any device. Multi-factor authentication is also known as two-factor authentication, or 2FA. Generally, hackers gain access to a single authentication, such as a password; however, it is quite difficult to break the two-factor authentication.

Nuance Communications is a Microsoft-owned software solutions provider employing more than 6,500 people. Nuance controls industry-defining AI, which professionals may use to fully automate tasks, such as entering and manipulating medical records. Many of Nuance’s clients are hospitals, clinics, and health centers in the southeast of the US; those who have received medical services in these areas are now at risk following the most recent MOVEit data breach.

Open port vulnerabilities pose a significant security risk to your organization. If left exposed, ports are a gateway for hackers to breach your network and steal your data. But what are open ports, why are they a security risk, and what can you do to close open port vulnerabilities? Let’s answer your open port questions.

Welcome to the 11th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API10:2023 Unsafe Consumption of APIs. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.

Webp is the backbone of the webp extension. Any image that is saved to the webp image format most likely was created using the webp library. The library was released in 2010 by Google.

We are constantly researching ways to improve our products. For the Web Application Firewall (WAF), the goal is simple: keep customer web applications safe by building the best solution available on the market. In this blog post we talk about our approach and ongoing research into detecting novel web attack vectors in our WAF before they are seen by a security researcher. If you are interested in learning about our secret sauce, read on.

The complexity of technology is ever-increasing and the number of breaches (and the cost of dealing with them) is growing right along with it. Governments are cracking down and turning cybersecurity from nice to have to absolutely mandatory. In response, organizations across industries are taking a more serious look at their security posture and, with that, the need to perform thorough vulnerability assessments.