Log4Shell

Unsafe Deserialization Attacks Surge | December Attack Data | Contrast Security
Attacks on individual applications were down month to month in December 2024, but one of the most dangerous types of attacks was up significantly. That’s according to data Contrast Security publishes monthly ...

Anatomy of an Attack | ADR vs WAF and EDR Technology | Contrast Security
In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the ...

Top 4 Application Attacks Detected and Blocked by Contrast ADR | XSS, Method Tampering, Path Traversal and JNDI Injection | Contrast Security
The Contrast Security Runtime Security Platform — the engine that underpins Contrast’s Application Detection and Response (ADR) technology — blocked approximately 47K cybersecurity attacks during the month of August 2024. ...

Zero-day vulnerabilities: A beginner’s guide
Note: This article was originally published on The New Stack ...

Known Vulnerabilities Drove Most Cyberattacks in 2022
New research revealed an all-too-familiar theme: Known vulnerabilities for which patches have been issued were the main way threat actors executed cyberattacks in 2022. “The data highlights that long-known vulnerabilities frequently cause ...

Fast Facts: How to Find and Fix the Log4j Vulnerability in Under 2 Minutes
Many organizations still need to find the Log4j vulnerability in their environment and address the risk. The news about Log4Shell, the vulnerability impacting the Apache Log4j software library, first burst onto the ...

Where is Your Risk? Vulnerabilities in Open Source Software
The first post of this series on the software-related risks organizations are facing looked at vulnerabilities introduced in development. In this post we look at the risks of open source vulnerabilities. Organizations ...

CISOs Clamor for Better App Monitoring Tools
In the history of IT security, the sector’s traditional tools and solutions have rarely appeared as inadequate as they do now. Over the past four years, the multitude of ransomware attacks resulted ...

2022 was the year of the SBOM…and 2023 will be, too
2022 was the year of the rise of the SBOM. This time of year, we take a look back at the havoc wreaked by breaches–that occurred in 2021 and earlier. The fallout ...