Emotet attacks— a spike to start the year…

The Emotet malware is a very destructive banking Trojan that was first identified in 2014. Over the years it has evolved with new capabilities and functionalities, prompting cybersecurity agencies like the Australian ...

IE and FIREFOX-Patching nightmare begins in 2020…

Not all vulnerabilities are created equal. It’s true. In a perfect world, organizations should be able to patch every vulnerability on every client immediately. But we don’t live in a perfect world ...

25 Most Dangerous Software Errors List Shows SQL Injections Dropping in Frequency

The top 25 most dangerous errors found in the CVE repositories were just published, and they show some interesting and surprising trends over the past decade. The first place in the Top ...

Injection Vulnerabilities – 20 Years and Counting

Injection vulnerabilities are among the oldest exploitable software defects and, unfortunately, are still prevalent today. A simple search on cve.mitre.org for the term "injection" returns over 10,852 injection-related ...

SQL Injection loses #1 spot as most dangerous attack technique

The Common Weakness Enumeration (CWE), a community-developed compilation of the most critical errors leading to vulnerabilities in software, has lowered SQL Injection from its #1 spot as the most dangerous attack technique ...

Combating the Continuous Development of Vulnerable Software

Most people in our industry know what the acronym CVE means. For those that may not, CVE stands for Common Vulnerabilities and Exposures. According to their website, CVE was launched in 1999 ...

Isolation protects you from threats that haven’t even been discovered

Another day, another validation that Internet isolation really is the best cybersecurity protection out there. Last week, Google released an urgent Chrome update to patch an actively exploited zero-day known as CVE-2019-13720, a ...

Why ANY Web Browser Is Still Not Safe…

Menlo Security customers are 100% protected against a recent zero-day exploit in Internet Explorer. The exploit CVE-2019-1367 and CVE-2019-1255 is being actively used in limited attacks ...

Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack CVE pending

We recently discovered that the latest version of Scapy, a powerful packet manipulation tool used by cybersecurity researchers and network engineers, is susceptible to a Denial of Service (DoS) vulnerability. Ironically, we ...

Adobe patches critical flaws in many of its software offerings

Adobe has released important patches for almost its entire array of offerings, including the Technical Communications Suite, Experience Manager, Digital Editions, Acrobat and Reader, as well as the notoriously buggy Flash Player ...