Log4Shell Hacks On and On
Wikipedia states that Log4Shell was a zero-day vulnerability in Log4j, the popular Apache logging program. The key word is “was.” …
DevOps and cloud native development have gifted cyber attackers an enlarged attack surface and the ability to use organizations’ own …
Your first question when you read that headline was probably my first question. What is “Out-of-Band” …
Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido …
The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. …
The latest version of OpenSSL v3, a widely used open-source library for secure networking using the Transport Layer Security (TLS) …
We can all agree today that we really need to know what’s what with your software supply chain. If you don’t know why I recommend you …
A new study says 97% of open source vulnerabilities linked to software supply chain risks are not attackable — but is “attackability” the …
If you’re an OpenSSL user, you’re probably aware of the most recent high-profile bugfix release, which came out back in March 2022. …
iPaaS apps are vulnerable because they transport highly sensitive data from core systems, include many different third-party apps in the …
Working with previously defined severity levels helps on-call teams to quickly triage major issues. As we have seen in this post, each …
Anyone can make plans. Turning plans into reality, that’s …
Earlier this year, the White House issued an Executive Order on Improving the Nation’s Cyber Security, which laid the groundwork for …
The definition of insanity, according to no less than the insightful mind of Albert Einstein, is doing the same thing over and over and …