Wallarm has rolled out the update to detect and mitigate CVE-2021-44228. No additional actions are required from the customers Attempts at exploitation will be automatically blocked in a blocking mode When working in a monitoring mode, consider creating a virtual patch Log4Shell A 0-day exploit in the Java core library log4j was discovered that results in Remote Code Execution (RCE) by simple 1-line exploit with JNDI URL. Given how ubiquitous this library is, the impact…
Greetings, dear scholarship recipients! Applications for the scholarship draw should have closed on September 31st, but we are still receiving applications from you. At the moment there were 148 applications and only 3 people managed to submit them in time, now they are sent to our technical specialists for checking. My first impression of the 3 essays turned in is that 2 are definitely failures and 1 looks better. When we announced this scholarship, we…
Security probably would not be too interesting to you at all if you were a liquor store, restaurant, or work in similar sectors of the economy. However, security should definitely be a front-row concept if you are a start-up in the technology space or a business that depends on technology for success. Generally, suppose you are running a B2B (Business to Business) organization or a B2C (Business to Consumer) where you have to interact with…
Product security (ProdSec) is crucial in the process of growing your business, as it helps build a solid and recognizable brand for products.
The risks involved with the operatorAliases option in Sequelize, the popular library for DBMSs
This year is full of extraordinary events and cybersecurity domains are not an exception. Massive WebSocket vulnerabilities are not so often discovered, we can say they are piece. But here is a new one, named CVE-2020-24807 was mentioned in a Socket.io advisory 6 days ago: https://github.com/advisories/GHSA-6495-8jvh-f28x
