CVE-2016-15023

Read Time:23 Second

A vulnerability, which was classified as problematic, was found in SiteFusion Application Server up to 6.6.6. This affects an unknown part of the file getextension.php of the component Extension Handler. The manipulation leads to path traversal. Upgrading to version 6.6.7 is able to address this issue. The name of the patch is 49fff155c303d6cd06ce8f97bba56c9084bf08ac. It is recommended to upgrade the affected component. The identifier VDB-219765 was assigned to this vulnerability.

Read More

USN-5836-1: Vim vulnerabilities

Read Time:13 Second

It was discovered that Vim was not properly performing memory management
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. (CVE-2022-47024, CVE-2023-0049,
CVE-2023-0054, CVE-2023-0288, CVE-2023-0433)

Read More

IoT, connected devices biggest contributors to expanding application attack surface

Read Time:30 Second

The growth of the internet of things (IoT) and connected devices are the biggest contributing factors to organizations’ expanding attack surfaces. That’s according to a new report from Cisco AppDynamics, which revealed that 89% of global IT professionals believe their organization has experienced an expansion in its attack surface over the last two years. The Shift to a Security Approach for the Full Application Stack report surveyed 1,150 IT professionals in organizations across a range of sectors and international markets to outline the current application security challenges impacting IT departments.

To read this article in full, please click here

Read More

Guardz debuts with cybersecurity-as-a-service for small businesses

Read Time:30 Second

Guardz, a Tel Aviv-based startup promising a broad range of out-of-the-box cybersecurity solutions for small and medium-size businesses (SMBs), has announced both a successful $10 million round of seed funding and the broad availability of its flagship product.

The premise of the company’s main offering is tight API integration with Microsoft 365 and Google Workspace. Guardz automatically enrolls all user accounts upon activation, and monitors risk posture, performs threat detection on all monitored accounts and devices, and offers one-click remediation for some threats.

To read this article in full, please click here

Read More