Collaborate Disseminate
On August 13, 2020, Apache published a security bulletin that addressed a couple of application vulnerabilities in Struts 2, which included CVE-2019-0230. At the same time, proof-of-concept (POC) exploit code was released on GitHub. CVE-2019-0230 is a … Continue reading Contrast Labs: Apache Struts CVE-2019-0230 and How to Block Attacks
I had the great delight of reading Geoff White’s new book, “Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global”, I thoroughly recommend it. The book is superbly researched and written, the author’s storytelling style not only lifts th… Continue reading Book Review: Crime Dot Com, From Viruses to Vote Rigging, How Hacking Went Global
A new BEC threat group is heralding more sophisticated email scams that target organizations without DMARC and squeeze as much money out of victims as possible. Continue reading A ‘New Age’ of Sophisticated Business Email Compromise is Coming
Application programming interfaces (APIs) are increasingly opening paths to vulnerabilities further down in application architectures. But legacy security testing approaches and firewalls are an inefficient and ineffective approach to securing APIs, as… Continue reading Assessing API Security Risks, Plotting a Solution
The post Security in Kubernetes Environment appeared first on CCSI.
The post Security in Kubernetes Environment appeared first on Security Boulevard.
Continue reading Security in Kubernetes Environment
Phishing threat actors constantly tweak and tune their attacks to evade secure email gateways to reach user inboxes. When that happens, your best users will report those attacks to security, giving you a jump on neutralizing the threat. In this episode… Continue reading Phish Fryday – Phishing Trends from the Front Lines
Phishing threat actors constantly tweak and tune their attacks to evade secure email gateways to reach user inboxes. When that happens, your best users will report those attacks to security, giving you a jump on neutralizing the threat. In this episode… Continue reading Phish Fryday – Phishing Trends from the Front Lines
At Contrast Security, the Contrast Labs team is charged with numerous things. Part of this charter includes looking at threat intelligence and understanding the true threat landscape. This encompasses risks that different vulnerabilities may pose to an… Continue reading Contrast Labs: Mapping Risk Profiles for Select OWASP Top 10 Vulnerabilities to Understand Their AppSec Risk
Cyber defense goes beyond following a book of best practices. It requires awareness of current threats and how to defend against those threats, otherwise the amount of “what ifs” will overwhelm a security team. In this episode, we speak wit… Continue reading Phish Fryday – Threat Intelligence in Phishing Defense
Cyber defense goes beyond following a book of best practices. It requires awareness of current threats and how to defend against those threats, otherwise the amount of “what ifs” will overwhelm a security team. In this episode, we speak wit… Continue reading Phish Fryday – Threat Intelligence in Phishing Defense