GeekWire

Open Source

Log4Shell Hacks On and On

29 June 2022

Wikipedia states that Log4Shell was a zero-day vulnerability in Log4j, the popular Apache logging program. The key word is “was.” …

Tags Compliance, Hacks, IT, Log4Shell, Open Source

Cybersec Threat Hunter to DevOps: You’ve Been Framed…

29 June 2022

DevOps and cloud native development have gifted cyber attackers an enlarged attack surface and the ability to use organizations’ own …

Tags DevOps, IT, Methodologies, Open Source, Threats

Palo Alto Networks Brings Out-of-Band Web Security to Cloud

28 June 2022

Your first question when you read that headline was probably my first question. What is “Out-of-Band” …

Tags Cloud, Cloud Computing, Cloud Services, IT, Open Source

Latest OpenSSL version is affected by a remote memory corruption flaw

28 June 2022

Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido …

Tags IT, News, Open Source, Open Source Software, OpenSSL

OpenSSL to Release Security Patch for Remote Memory Corruption Vulnerability

28 June 2022

The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. …

Tags Memory Corruption, Open Source, Open Source Software, Releases, Remote

OpenSSL 3.0.5 awaits release to fix potential worse-than-Heartbleed flaw

28 June 2022

The latest version of OpenSSL v3, a widely used open-source library for secure networking using the Transport Layer Security (TLS) …

Tags IT, News, Open Source, Open Source Software, OpenSSL

Software Supply Chain Compliance with Aqua’s Chain-Bench

27 June 2022

We can all agree today that we really need to know what’s what with your software supply chain. If you don’t know why I recommend you …

Tags Compliance, IT, Open Source, Open Source Software, Software Supply Chain

Only 3% of Open Source Software Bugs Are Actually Attackable, Researchers Say

24 June 2022

A new study says 97% of open source vulnerabilities linked to software supply chain risks are not attackable — but is “attackability” the …

Tags Bugs, Cloud, Cloud Computing, Open Source, Researchers

OpenSSL issues a bugfix for the previous bugfix

24 June 2022

If you’re an OpenSSL user, you’re probably aware of the most recent high-profile bugfix release, which came out back in March 2022. …

Tags Cryptography, IT, Open Source, Open Source Software, OpenSSL

iPaaS: The latest enterprise cybersecurity risk?

24 June 2022

iPaaS apps are vulnerable because they transport highly sensitive data from core systems, include many different third-party apps in the …

Tags Apache Software Foundation, CISO, IT, Open Source, Open Source Software

Classifying Severity Levels for Your Organization

23 June 2022

Working with previously defined severity levels helps on-call teams to quickly triage major issues. As we have seen in this post, each …

Tags Culture, IT, Open Source, Open Source Software, Organizations

Jit: Security-as-Code Pioneer Opens for Business

22 June 2022

Anyone can make plans. Turning plans into reality, that’s …

Tags Business, IT, Jit, Open Source, Pioneer

Applying Zero Trust Security to Kubernetes Via Service Mesh

22 June 2022

Earlier this year, the White House issued an Executive Order on Improving the Nation’s Cyber Security, which laid the groundwork for …

Tags IT, Open Source, Open Source Software, Service Mesh, Via

How Web Assembly Can Mitigate the Software Supply Chain Crisis

22 June 2022

The definition of insanity, according to no less than the insightful mind of Albert Einstein, is doing the same thing over and over and …

Tags Crisis, How, IT, Open Source, Open Source Software

NVD

  • CVE-2022-34835 – In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based b … (30 June 2022)
  • CVE-2017-20121 – A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as cr … (30 June 2022)
  • CVE-2017-20122 – A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Aff … (30 June 2022)
  • CVE-2017-20123 – A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This aff … (30 June 2022)
  • CVE-2017-20124 – A vulnerability classified as critical has been found in Online Hotel Booking System Pro P … (30 June 2022)
  • CVE-2017-20125 – A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. A … (30 June 2022)

EXPLOITS

  • Mailhog 1.0.1 – Stored Cross-Site Scripting (XSS) (28 June 2022)
  • WSO2 Management Console (Multiple Products) – Unauthenticated Reflected Cross-Site Scripting (XSS) (28 June 2022)
  • WordPress Plugin Weblizar 8.9 – Backdoor (28 June 2022)
  • Real Player 16.0.3.51 – ‘external::Import()’ Directory Traversal to Remote Code Execution (RCE) (14 June 2022)
  • Real Player v.20.0.8.310 G2 Control – ‘DoGoToURL()’ Remote Code Execution (RCE) (14 June 2022)
  • SolarView Compact 6.00 – ‘pow’ Cross-Site Scripting (XSS) (14 June 2022)

SECURELIST

  • The SessionManager IIS backdoor (30 June 2022)
  • The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact (30 June 2022)
  • The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs (23 June 2022)
  • APT ToddyCat (21 June 2022)
  • ‘Unpacking’ technical attribution and challenges for ensuring stability in cyb (20 June 2022)
  • How much does access to corporate infrastructure cost? (15 June 2022)

Information Cyber Network Enterprise Security News
