The Latest in IT Security

1

Compromised credentials and identities, third-party breaches, API attacks, and application exploits are all foundational entry points for today’s hackers. Recent months have brought many high-profile breaches from Samsung and Nvidia to Okta and the continued aftermath of Log4j. Still, ultimately, these attacks are all symptoms of the same problem: organizations do not have visibility into […]

Read more ...

1

The U.S. Cybersecurity and Infrastructure Agency (CISA) has issued an emergency directive over two new vulnerabilities in VMware products. According to the advisory, threat actors are likely to exploit CVE-2022-22972 and CVE-2022-22973 in several products including VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite […]

Read more ...

1

Tracked as CVE-2021-25094 (CVSS score of 8.1), the vulnerability exists because one of the supported actions does not require authentication when uploading a zip file that is extracted under the WordPress upload directory. While the plugin includes an extension control, this can be bypassed by adding a PHP shell with a filename that begins with […]

Read more ...


Categories

MONDAY, MAY 23, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments