Vulnerabilities & Exploits
- April 04, 2019A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.
- March 12, 2019Popular open-source DevOps automation software StackStorm was reported to have a critical vulnerability that could allow remote attackers to perform arbitrary commands on targeted servers.
- March 11, 2019Security researchers uncovered vulnerabilities in third-party car alarms managed via their mobile applications, affecting around 3 million cars. Here's what you need to know.
Threat Landscape in the Americas: How Managed Detection and Response Helps Address Persistent ThreatsMarch 07, 2019We look at the most pervasive information stealers, ransomware, and cryptocurrency-mining malware in the Americas in 2018 and how they highlight the significance of proactive threat detection and incident response capabilities.
- March 05, 2019We looked back at 2018’s mobile threat landscape to see the possible threats that lie ahead and help users and organizations proactively defend against them.
- February 28, 2019CVE-2019-5736 is a vulnerability involving the runC runtime component, which is used for container platforms such as Docker and container orchestration platforms such as Kubernetes.
- February 26, 2019Looking back at the most significant issues of 2018, we saw shifting cybercriminal strategies and lingering security threats. Enterprises faced a multitude of challenges, but careful study of these issues can present opportunities for improvement.
- January 29, 2019Owners and administrators of WordPress websites that use the “Total Donations” plugin are advised to remove the plugin after a zero-day vulnerability and design flaws were seen actively exploited in the wild.
Attacks Against Industrial Machines via Vulnerable Radio Remote Controllers: Security Analysis and RecommendationsJanuary 15, 2019Radio frequency (RF) technology is being used in operations to control various industrial machines. However, the lack of implemented security in RF communication protocols could lead to production sabotage, system control, and unauthorized access.