Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Emerging Threat: Palo Alto PAN-OS CVE-2024-3393
CVE-2024-3393 is a high severity (CVSS v4.0 score 8.7) Denial of Service (DoS) vulnerability affecting specific versions of Palo Alto Networks PAN-OS DNS Security feature. This vulnerability allows unauthenticated attackers to send malicious packets through the data plane of the firewall. This forces the firewall to reboot. Repeated attempts can force the firewall into maintenance mode, requiring security teams to manually reset the firewall and significantly disrupting operations.
SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach
SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported large-scale attacks targeting Chrome Extension developers aimed at taking over the Chrome Extension from the Chrome Store.
Security Bulletin: Critical Remote Code Execution Vulnerability in Apache Struts [CVE-2024-53677]
A newly discovered critical vulnerability, CVE-2024-53677, in Apache Struts enables remote code execution (RCE) and is actively exploited in the wild using a publicly available Proof-of-Concept (PoC). Apache Struts is an open-source framework for building Java-based web applications. It helps developers create scalable software solutions, that powers everything from e-commerce websites to financial systems and government platforms.
A Simple Guide to Building a Discord Bot! (Part 3)
This is the third video of our series 'How to Build a Discord Bot'. In this video, we will be focussing on data storage and setting up a database to store our Wordle results in. Stay tuned for the next video where we will be deploying the bot, which will be able to run 24/7! Each video will be published one week from the previous.
Top cloud-native CVEs of 2024: A Comprehensive Recap
In 2024, several significant vulnerabilities were identified within the Kubernetes and broader cloud-native ecosystem. In this post we have compiled a roundup of the most notable Common Vulnerabilities and Exposures (CVEs) reported this year.
Vulnerability Management Best Practices
With each organization facing over 30 critical or high-risk vulnerabilities per website/public-facing asset annually and 31% of these remaining open for over 180 days, the pressure to address vulnerabilities promptly is undeniable. Delays in patching not only increase the risk of breaches but also erode the trust of clients, vendors, and partners while compromising compliance efforts.