Log4j
Anatomy of an Attack | ADR vs WAF and EDR Technology | Contrast Security
In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the ...
Top 4 Application Attacks Detected and Blocked by Contrast ADR | XSS, Method Tampering, Path Traversal and JNDI Injection | Contrast Security
The Contrast Security Runtime Security Platform — the engine that underpins Contrast’s Application Detection and Response (ADR) technology — blocked approximately 47K cybersecurity attacks during the month of August 2024. ...
From Log4j to Long4j
Veracode reports that more than a third of Java applications still use vulnerable versions of Log4j despite efforts to eradicate it.
Above 30% Apps at Risk with Vulnerable Log4j Versions
An alarming 38% of applications that use the Apache Log4j library use versions susceptible to security vulnerabilities. One of them is a critical vulnerability, Log4Shell (CVE-2021-44228), for which patches have been ...
CISA Put Securing Open Source Software on the Roadmap
The government’s top cybersecurity agency is laying out steps it says are necessary to ensure that open source software, which is increasingly ubiquitous in modern IT environments, is secure. The eight-page document ...
Verizon’s Annual Data Breach Incident Report (DBIR) Shines Spotlight on Ransomware Trends & Insider Threats
New research from Verizon reveals that ransomware is responsible for a sizable percentage of all recorded security incidents. Despite the alarming statistics raised in the report, the tech giant warns, we’re likely ...
Software Supply Chain Security Risks, Part 1
It cannot be stated enough that software supply chain security risks are serious: organizations are so dependent on the software supply chain that an attack could cripple their business. The effects of ...
Sysdig Details Proxyjacking Attack Leveraging Log4j Vulnerability
Sysdig today published a report that described how cybercriminals are exploiting the Log4j vulnerability to gain access to IP addresses that are then sold to entities that resell them. Dubbed proxyjacking, the ...
Boxed.com Ups Bot Protection Efficiency & Saves Time With DataDome
DataDome protects the Boxed website and mobile apps from scrapers, credential stuffing bots, and all types of automated threats ...
Known Vulnerabilities Drove Most Cyberattacks in 2022
New research revealed an all-too-familiar theme: Known vulnerabilities for which patches have been issued were the main way threat actors executed cyberattacks in 2022. “The data highlights that long-known vulnerabilities frequently cause ...