Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins have been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based ope…

Infosec products of the month: August 2023

Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Adaptive Shield, Bitdefender, Bitwarden, Forescout, ImmuniWeb, Kingston Digital, LastPass, Lineaje, LOKKER, Menlo Security, MongoDB, Netskope, NetSPI,…

New infosec products of the week: August 4, 2023

Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Menlo Security, Qualys, Sonar, SpecterOps, Synopsys, Traceable AI, and Lineaje. Open-source penetration testing tool BloodHound CE released SpecterOps…

Sonar’s new deep-analysis capability discovers and fixes code security issues

Sonar announced a significant advancement of its Clean Code offering – developers can now automatically discover and fix code security issues arising from interactions between user source code and third-party, open-source libraries. Referred to as deep…

SonarQube 9.9 LTS empowers organizations to boost the quality of their code

SonarSource has launched SonarQube 9.9 Long-Term Support (LTS) that empowers organizations to achieve the Clean Code state securely and at scale. With accelerated pull request analysis, support for building and deploying secure cloud-native application…

Critical OpenEMR vulnerabilities may allow attackers to access patients’ health records

Critical vulnerabilities discovered in OpenEMR can be chained to gain code execution on a server running a vulnerable version of the popular open-source electronic health record system. Discovered, privately reported and now publicly documented by rese…

Cacti servers under attack by attackers exploiting CVE-2022-46169

If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw (CVE-2022-46169). About Cacti and CVE-2022-4616…

SonarSource now provides high-precision SAST tooling for developers, enabling them to own Code Security

Geneva, December 17th, 2020, In 2020 SonarSource became a leader in Code Quality and Code Security solutions, upgrading its tools to bring unmatched SAST (Static Application Security Testing) precision and performance to developers. Now there’s a…

SonarSource Acquires RIPS Technologies and Accelerates in the Application Security Market

The acquisition furthers the industry leader’s continued commitment to empower all development teams to build more secure software GENEVA, May 13, 2020 – SonarSource, maker of SonarQube and leader for Code Quality and Code Security solutions, tod…