Millions of Installations Potentially Vulnerable to Spring Framework Flaw
Internet scan indicates hundreds of thousands of vulnerable installations, while data from the major Java repository suggests millions, firms say.
Log4j Showed Us That Public Disclosure Still Helps Attackers.
Public disclosure is still a bit of a mess By Alex Haynes, CISO, CDL At 2:25 pm on […] The…
Beastmode botnet boosts DDoS power with new router exploits
A Mirai-based distributed denial-of-service (DDoS) botnet tracked as Beastmode (aka B3astmode) has updated its list of exploits to include several new ones,…
More Than Ever, Security Matters
Public policy proposals must consider technical, practical, and real-world security effects, and make sure we avoid unintended consequences.
Apple emergency update fixes zero-days used to hack iPhones, Macs
Apple has released security updates on Thursday to address two zero-day vulnerabilities exploited by attackers to hack iPhones, iPads, and…
Protecting Your Organization Against a New Class of Cyber Threats: HEAT
Take a preventative threat approach and apply security measures near end users, applications, and data to increase protection.
Cybercriminals Fighting Over Cloud Workloads for Cryptomining
Whether compromising misconfigured cloud infrastructure or taking advantage of free-tier cloud development platforms, attackers see a vast pool of workloads…
Too Hot to Handle:The case for Zero Trust and SASE
By Jonathan Lee, Senior Product Manager, Menlo Security Insecurity today we often see the continued reliance on legacy […] The…
Zero-Day Surge Led to More Rapid Exploitation of Bugs in 2021
New vulnerability study shows how "attacker economies of scale" have shaped the risk landscape.
Security’s Life Cycle Isn’t the Developers’ Life Cycle
Whether it's PCI-DSS, SSDLC, or GDPR, the criteria that security standards expect businesses to uphold are neither realistic or feasible.