In a security advisory published on May 9th, Microsoft disclosed the existence of a Local Privilege Escalation vulnerability in Sysmon (CVE-2023-29343). The vulnerability was discovered by an independent security researcher and was responsibly disclosed to Microsoft. Microsoft has released Sysmon version 14.16 to address this vulnerability.

On May 11th, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released an advisory highlighting the active malicious exploitation of CVE-2023-27350 in PaperCut MF and PaperCut NG software by a threat actors including one known as the Bl00dy Ransomware Gang. The US-CERT Alert (AA23-131A) Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG includes detailed information about this investigation (along with attacker TTPs and IOCs).

Ignoring the little stuff is never a good idea. Anyone who has pretended that the small noise their car engine is making is unimportant, only to later find themselves stuck on the side of the road with a dead motor will understand this statement. The same holds true when it comes to dealing with minor vulnerabilities in a web application. Several small issues that alone do not amount to much, can in fact prove dangerous, if not fatal, when strung together by a threat actor.

Web applications are vulnerable to several kinds of attacks, but they’re particularly susceptible to code injection attacks. One such attack, the XPath Injection, takes advantage of websites that require user-supplied information to access data stored in XML format. All sites that use a database in XML format might be vulnerable to this attack. XPath is a query syntax that websites can use to search their XML data stores.

Finding and fixing security issues in your code has its challenges. Chief among them is the important step of actually changing your code to fix the problem. Getting there is a process: sorting through security tickets, deciphering what those security findings mean and where they come from in the source code, and then determining how to fix the problem so you can get back to development. Not to worry — AI will take care of everything, right?

KrakenLabs has developed a new naming convention that uses poisonous plants to represent the origin and criminal activities of threat actors. This approach provides a creative way to classify different types of threat actors, allowing security professionals to quickly understand the nature and behavior of the threat actor, which is helpful for identifying and mitigating threats effectively.

We are honored and humbled to announce Snyk has been named to the CNBC 2023 Disruptor 50 List, following our debut on the Disruptor List in 2021 and our listing as a Top Startup for the Enterprise in 2022. The full list was unveiled this morning. Industry recognitions like this are a testament to all of the hard work and dedication our global team puts into fulfilling our founding mission each and every day: equipping and empowering every one of the world’s developers to build securely.

Organizations can reduce security risks in containerized applications by actively managing vulnerabilities through scanning, automated image deployment, tracking runtime risk and deploying mitigating controls to reduce risk Kubernetes and containers have become de facto standards for cloud-native application development due to their ability to accelerate the pace of innovation and codify best practices for production deployments, but such acceleration can introduce risk if not operationalized properly.

Third-party software security risks are on the rise, and so are the significant cyberattacks they facilitate. According to a CrowdStrike report, 45% of surveyed organizations said they experienced at least one software supply chain attack in 2021. In 2023, the average number of SaaS apps used by each company is 130 - a 5x increase compared to 2021.