Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vulnerability

Snyk

Prevent OWASP Top 10 vulns with new Snyk Learn learning path

Jan 17, 2023 By Michael Biocchi In Snyk

The holidays are over but the gifts keep coming! Introducing Snyk Learn learning paths! Our free developer-security education offering just got better! Snyk Learn provides free, high-quality education to developers created by security experts. We know it’s cold outside. We also know that we might be a little slow out the gate after the holidays. Emails? No more inbox 0. Slack messages? Too many to count.

Read Post
tripwire

The prevalence of RCE exploits and what you should know about RCEs

Jan 17, 2023 By Tripwire Guest Authors In Tripwire

Recent headlines have indicated that some major companies were affected by Remote Code Execution (RCE) vulnerabilities, just in the month of October. RCE flaws are largely exploited in the wild, and organizations are continually releasing patches to mitigate the problem. RCE is a type of an Arbitrary Code Execution (ACE) attack where the threat actor executes malicious commands on the target’s device.

Read Post
outpost 24

Cyber Threat Landscape Study 2023: Outpost24's honeypot findings from over 42 million attacks

Jan 17, 2023 By Outpost 24 In Outpost 24

What are the most common cybersecurity threats facing your business? The 2023 Cyber Threat Landscape Study provides valuable threat intelligence to help you implement the appropriate security measures against real threats. The Outpost24 research team is sharing the results of the attack data from a network of honeypots deployed to gather actionable threat intelligence. Here are the key findings from the 42 million attacks that were registered (between January 1 – September 30, 2022).

Read Post
astra

Chrome "Symstealer" Vulnerability Puts 2.5 Billion Users at Risk

Jan 16, 2023 By Nivedita James In Astra

An analysis of the way in which symlinks are handled by Google’s Chrome browser and other web browsers that use the Chromium web browser project revealed a vulnerability that can result in the theft of sensitive data including crypto wallets and cloud provider credentials. It is dubbed CVE-2022-3656. The issue was partially fixed in Chrome 107 and fully redressed in Chrome 108.

Read Post
Trustwave

CVE-2022-43704 - Capture-Replay Vulnerability in Sinilink XY-WFT1 Thermostat

Jan 12, 2023 By Trustwave In Trustwave

Trustwave SpiderLabs has found a vulnerability in the Sinilink XY-WFT1 Remote WiFi home Thermostat. When running firmware V1.3.6, it allows an attacker to replay the same data or similar data, possibly allowing an attacker to control the device attached to the relay without requiring authentication.

Read Post

Best Practices for Your First 30 Days with Snyk, January 2023 - Snyk Customer Office Hours

Jan 12, 2023 By Snyk In Snyk
As a new Snyk customer, do you want to get started with Snyk while following best practices? Or are you interested in learning about: Account set up strategies SSO and user provisioning Notification and automation settings and more...
View Video

Unraveling the Secrets of Your JavaScript Dependencies

Jan 11, 2023 By Snyk In Snyk
Untangling the secrets of your JavaScript Dependencies During this livestream we are joined by API lead and Node j.s expert Thomas Gentilhomme. We dive into topics ranging from, Thomas' background and experience to untangling the secrets of your dependencies, and even test an example of NPM packages. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.