This article provides a synopsis of the Follina exploit and simple steps you can take to mitigate this severe remote code execution vulnerability within Microsoft Support Diagnostic Tool (MSDT). This vulnerability is triggered via common Windows applications such as Microsoft Word and is being actively exploited by known hacking groups.
No matter what niche your organization specializes in, building trust with your customers is a major pillar around which a business is built. In a world where customers are picky with who they work with, data security and privacy practices are quickly becoming a competitive advantage. Showing your customers that you take your regulatory and contractual obligations seriously goes a long way in earning their trust, while also reducing exposure to risk and liabilities.
On May 31, 2022, a critical vulnerability in Atlassian Confluence Server and Confluence Data Center was disclosed by Volexity. While conducting an incident response investigation involving internet-facing servers with the Confluence server installed, Volexity determined that the servers were compromised and attackers were launching successful remote code execution (RCE) exploits.
My time at NERC had me involved with quite a few projects over my seven-year career there. I was involved with CIP compliance audits, investigations, auditor training, and many advisory sessions. Typically, I was advising entities across North America on different tactics, techniques, and insight from best practices I have seen. I wanted to share a few of the dos and don’ts during my experience out in the field.
We know for customers creating automation Stories in Tines, anything that makes tracking your progress more manageable and helps you demonstrate the platform's value makes a big difference. We're excited to announce that Reporting is now live across Tines. This new feature allows our customers and Community Edition users quickly and easily calculate how much time they're saving by automating their repetitive workflows through the platform.
Serverless computing brings a highly efficient way to deploy applications and run software on demand. Testament to that is the fact that serverless application adoption is increasing significantly over the years, with at least 1 in 5 organizations using FaaS (Function as a Service) in major Cloud providers such as Amazon, Azure & GCP.
The pandemic has caused havoc on business and personal lives. It also highlighted the importance of personal data and its vulnerability. To combat this, governments across the globe have reviewed and modulated their privacy laws and regulations. Including the African governments and legislators. Over the recent years, Internet usage has increased significantly on the African continent. The usage was aided by continued investment in local digital infrastructure and improved user access.
At Tigera, we strive to innovate at every opportunity thrown at us and deliver what you need! We have listened to what users ask and today we are excited to announce the early preview of Calico Enterprise 3.14. From new capabilities to product supportability and extending partnerships with our trusted partners, let’s take a look at some of the new features in this release.
In August 2021, ZDI announced Pwn2Own Austin 2021, a security contest focusing on phones, printers, NAS devices and smart speakers, among other things. The Pwn2Own contest encourages security researchers to demonstrate remote zero-day exploits against a list of specified devices. If successful, the researchers are rewarded with a cash prize, and the leveraged vulnerabilities are responsibly disclosed to the respective vendors so they can improve the security of their products.
