Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2024-49113, also known as LDAPNightmare, is a high severity (CVSS score of 7.5) unauthenticated Denial of Service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP). This vulnerability allows attackers to crash any unpatched Windows server with an internet-accessible DNS server by overwhelming a critical internal component of the operating system. Both CVE-2024-49113 and its relative, the critical RCE vulnerability CVE-2024-49112, were publicized in December 2024.

When it comes to cybersecurity, vulnerability management is one of the older technologies that still play a critical role in securing our assets. It is often overlooked, disregarded, or considered only for checkbox compliance needs, but a proper vulnerability management program can play a critical role in avoiding a series of data breaches. CIS Control 07 provides the minimum requirements and table stakes, if you will, for establishing a successful vulnerability management program.

On September 19th, 2024, a critical vulnerability (CVE-2024-40748) was discovered in Joomla version 5.1.4, exposing their website to stored cross-site scripting (XSS) attacks. Stored cross-site scripting (second-order or persistent XSS) arises when an application receives data from an untrusted source and unsafely includes it within its later HTTP responses. This could lead to attackers injecting malicious scripts into the website, which would be executed whenever a user visits a specific page.

Docker security refers to the build, runtime, and orchestration aspects of Docker containers. It includes the Dockerfile security aspects of Docker base images, as well as the Docker container security runtime aspects—such as user privileges, Docker daemon, proper CPU controls for a container, and further concerns around the orchestration of Docker containers at scale. The state of Docker container security unfolds into 4 main Docker security issues.

At the beginning of June 2024, Bitsight TRACE started analyzing a new CISA KEV vulnerability that had just come out, with the goal of creating a detection capability that could be implemented on an Internet-wide scale.

Application Programming Interface (API) vulnerabilities are security weaknesses in an API’s code that cybercriminals can exploit. These vulnerabilities can lead to data breaches and unauthorized system access. Common API vulnerabilities include inadequate authentication and authorization, excessive data exposure and insufficient data encryption. Continue reading to learn about the common risks associated with APIs, along with practical methods and solutions to prevent these vulnerabilities.

On November 12th, 2024, at the Pavilion Hotel in Kuala Lumpur, Snyk’s Field CTO, Pas Apicella, delivered an insightful presentation at the Digital Banking Asia Summit 2024 in Malaysia. Titled, ‘Securing the Digital Future: Best Practices for Application Security in Digital Banking’, his talk focused on actionable strategies to address pressing challenges in the financial services industry.

Looking back on 2024 to start the new year, we had the great opportunity to host and be part of several conversations and demonstrations that we hope were valuable learning opportunities for everyone who joined us. Let’s take a moment to review some of the highlights from those 2024 events before we leap into 2025.

In a world where dozens of CVEs are released every day, there are vulnerabilities, and there are vulnerabilities. The latest Microsoft Windows LDAP (Lightweight Directory Access Protocol) vulnerabilities, which were coined not once but twice (“LDAPBleed” and “LDAPNightmare”), clearly belong to the shortlist of new and dangerous CVEs.