Cisco Products Receive Patches for Critical Struts Vulnerability

Cisco Systems has released patches for some of its products that use the Apache Struts web development framework and are affected by a recently announced critical vulnerability. The flaw, tracked as CVE-2018-11776, was patched in Apache Struts two wee… Continue reading Cisco Products Receive Patches for Critical Struts Vulnerability

Someone Dropped a Windows Zero-Day Exploit on GitHub

A previously unknown vulnerability that allows attackers to obtain SYSTEM privileges on Windows computers has been publicly disclosed. Someone with the username SandboxEscaper posted a link to a proof-of-concept exploit on Twitter and then deleted the… Continue reading Someone Dropped a Windows Zero-Day Exploit on GitHub

The Apache Struts2 RCE Vulnerability – Application Security Weekly #30

Keith Hoodlet and Paul Asadoorian talk about The Apache Struts2 RCE Vulnerability. They cover: – CVE-2018-11776 – How the 3 Ways of DevOps can guide us toward better security practices – Shared Version Control – Test Environment… Continue reading The Apache Struts2 RCE Vulnerability – Application Security Weekly #30