Log4Shell: A Tale of Two Detection Techniques
Endpoint detection and response (EDR) can only take you so far in identifying Log4j exploit attempts. Here’s why dynamic checks are needed to uncover vulnerable...
Network Scanning
Regardless of your motivations (attacker or defender), you need to know the ports, hosts and services available within a network. From a defender's point of...
A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in Apple Products, which could allow for arbitrary code execution if a user views a specially crafted web page. iOS...
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser...
Multiple Vulnerabilities in SAP Products Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in SAP products, the most severe of which (CVE-2022-22536) could allow for remote code execution. SAP is a software company...
CVE-2022-22536: SAP Patches Internet Communication Manager Advanced Desync (ICMAD) Vulnerabilities
SAP and Onapsis Research Labs collaborate to disclose three critical vulnerabilities impacting SAP NetWeaver Application Servers. The most severe of the three could lead to...
Multiple Vulnerabilities in Mozilla Firefox and Firefox Extended Support Release (ESR) Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for arbitrary code execution....
[R1] Nessus Versions 8.15.3 and 10.1.1 Fix Multiple Third-Party Vulnerabilities
Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (Expat) was found to contain vulnerabilities, and an updated version has...
Multiple Vulnerabilities in Adobe Products could allow for Arbitrary Code Execution.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for Arbitrary Code Execution. Premiere Rush is a video editor....
Microsoft’s February 2022 Patch Tuesday Addresses 48 CVEs (CVE-2022-21989)
Microsoft addresses 48 CVEs in its February 2022 Patch Tuesday release, including one zero-day vulnerability that was publicly disclosed, but not exploited in the wild....