%term

CVE-2024-3094: Detecting the SSHD backdoor in XZ Utils

Mar 29, 2024 By Michael Clark In Sysdig

On March 29th, 2024, a backdoor in a popular package called XZ Utils was announced on the Openwall mailing list. This utility includes a library called liblzma which is used by SSHD, a critical part of the Internet infrastructure used for remote access. When loaded, the CVE-2024-3094 affects the authentication of SSHD potentially allowing intruders access regardless of the method.

Read Post

Sysdig

Read more about CVE-2024-3094: Detecting the SSHD backdoor in XZ Utils

Securing your SBOM on Google Cloud

Mar 28, 2024 By David Lugo In Snyk

Over the past few years, software supply chain security has been top of mind for governments and businesses alike. Following Log4Shell in late 2021, the Biden administration’s National Cybersecurity Strategy started focusing on open source supply chain security. The National Security Agency (NSA) recently released new guidance on securing open source software supply chains.

Read Post

Snyk

Read more about Securing your SBOM on Google Cloud

Veracode Customers Shielded from NVD Disruptions

Mar 28, 2024 By Nova Trauben In Veracode

The US National Institute of Standards and Technology (NIST) has almost completely stopped analyzing new vulnerabilities (CVEs) listed in its National Vulnerability Database (NVD). Through the first six weeks of 2024, NIST analyzed over 3,500 CVEs with only 34 CVEs awaiting analysis.1 Since February 13th, however, nearly half (48%) of the 7,200 CVEs received this year by the NVD are still awaiting analysis.2 The number of CVEs analyzed has dropped nearly 80% to less than 750 CVEs analyzed.

Read Post

Veracode

Read more about Veracode Customers Shielded from NVD Disruptions

Beyond CVSS: Mitigating Alert Fatigue, Accurately

Mar 28, 2024 By Indusface In Indusface

CVSS score is valuable for assessing open vulnerability risk. However, despite the obvious difference in risk, CVSS scores overlook the distinction between vulnerabilities in staging versus production. This issue compounds with factors such as the number and types of applications, vulnerability types, and zero-day threats. Ultimately, leading to Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

View Video

Indusface

Read more about Beyond CVSS: Mitigating Alert Fatigue, Accurately

What is the Dirty COW exploit, and how to prevent it

Mar 27, 2024 By Eyal Katz In Spectral

Dirty COW, a seemingly light-hearted name, masks a severe Linux privilege escalation issue. This bug has affected many older Linux systems, which is concerning given that 41% of web servers run on Linux. Despite widespread patches in distributions like Ubuntu and Red Hat, Dirty COW remains a threat, particularly to outdated systems. As a significant security flaw, it poses risks to various devices and servers even in 2024.

Read Post

Spectral

Read more about What is the Dirty COW exploit, and how to prevent it

Vulnerability Management Lifecycle in DevSecOps

Mar 27, 2024 By Guest Expert In GitGuardian

In this new series, CJ May shares his expertise in implementing secure-by-design software processes that empower engineering teams. The first stage of his DevSecOps program: vulnerability management.

Read Post

GitGuardian

Read more about Vulnerability Management Lifecycle in DevSecOps

How Snyk ensures safe adoption of AI

Mar 27, 2024 By Akanchha Shrivastava In Snyk

The AI revolution is reshaping industries, processes, and the very fabric of software development. As we navigate through this transformative era, it's crucial to understand not only the evolution and application of AI in software development but also the innovative ways in which Snyk, the industry-leading developer security platform, is harnessing AI to enhance security.

Read Post

Snyk

Read more about How Snyk ensures safe adoption of AI

What Does a Solid VM Ticketing Workflow Actually Look Like?

Mar 27, 2024 By Nucleus In Nucleus

In this webinar, Scott Kuffer discusses the challenges and best practices of vulnerability management workflows and ticketing. He emphasizes the discrepancy between vulnerability management teams' priorities and the priorities of the business as a whole. Scott explores different ticketing workflows, starting with basic vulnerability-based tickets and progressing to more advanced options such as asset-based, team-based, and action-based tickets. He highlights the benefits of automating ticket creation and reporting, as well as the potential for redefining how vulnerability management is approached within organizations.

View Video

Nucleus

Read more about What Does a Solid VM Ticketing Workflow Actually Look Like?

CVE-2023-48788: Active Exploitation and PoC for Critical RCE in Fortinet FortiClientEMS Observed

Mar 26, 2024 By Andres Ramos In Arctic Wolf

On March 21, 2024, security researchers published a technical analysis along with a proof of concept (PoC) regarding the critical Remote Code Execution (RCE) vulnerability, CVE-2023-48788, in Fortinet’s FortiClientEMS. This vulnerability enables an unauthenticated threat actor to achieve RCE through the manipulation of SQL commands. Fortinet has stated that this vulnerability is under active exploitation. PoC exploit code is also now publicly available.

Read Post

Arctic Wolf

Read more about CVE-2023-48788: Active Exploitation and PoC for Critical RCE in Fortinet FortiClientEMS Observed

Resolving Simple Cross-Site Scripting Flaws with Veracode Fix

Mar 26, 2024 By Robert Haynes In Veracode

In the last blog on fixing vulnerabilities with Veracode Fix, we looked at SQL Injection remediation in a Java application. Since then, we have released Fix support for Python (and PHP) and launched a new VS Code plugin that includes support for Fix. It seems appropriate, therefore, to look at resolving a problem in a Python app using Veracode Fix in the VS Code IDE. This time let’s examine a simple cross-site scripting (XSS) weakness.

Read Post