CVE-2024-51466 : IBM COGNOS ANALYTICS UP TO 11.2.4 FP4/12.0.4 EL EXPRESSION LANGUAGE INJECTION
Description IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection
CVE-2024-12728 : SOPHOS FIREWALL UP TO 20.0 MR2 SSH WEAK CREDENTIALS
Description A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3
CVE-2024-50379 : APACHE TOMCAT UP TO 9.0.97/10.1.33/11.0.1 JSP COMPILATION TOCTOU
Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file
Why On-Premise API Security Is Critical In A Hybrid IT Environment
APIs are the glue that holds modern applications together. Facilitates smooth communication between systems. Helps ensure that business operations run
What Is Federated Identity Management (FIM)?
Federated Identity Management (FIM) is a system that allows digital identities to be shared across multiple jurisdictions, organizations, or security
What Is User And Entity Behavior Analytics (UEBA)?
User and Entity Behavior Analytics (UEBA) is a cybersecurity solution that uses advanced analytics to detect anomalies in the behavior
Why Quantum-Resistant Encryption Is Critical For Data Security?
Quantum-Resistant Encryption refers to cryptographic algorithms designed to withstand the computational capabilities of quantum computers. This is different from classical
How Can SMBs Implement Enterprise-Level API Security?
In today’s interconnected digital world, enterprise-level API security is critical for businesses of all sizes, particularly small to medium-sized businesses
What Is Cyber Warfare?
Cyber Warfare is the use of digital attacks by one country or organization to damage or disrupt another country’s critical
CVE-2024-51568 : PSAUX CYBERPANEL UP TO 2.3.4 FILE MANAGER /FILEMANAGER/UPLOAD PROCESSUTILITIES.OUTPUTEXECUTIONER OS COMMAND INJECTION
Description CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka
What is AI-Driven SOC?
An AI-powered Security Operations Center (SOC) represents a revolutionary change in the way organizations manage cybersecurity. By combining artificial intelligence
CVE-2024-47821 : PYLOAD UP TO 0.5.0B3.DEV86/ .PYLOAD/SCRIPTS OS COMMAND INJECTION
Description pyLoad is a free and open-source Download Manager. The folder `/.pyload/scripts` has scripts which are run when certain actions
CVE-2024-20329 : CISCO ASA UP TO 9.19.1.18 EXPRESSION/COMMAND DELIMITERS
Description A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker
CVE-2024-50066 : LINUX KERNEL UP TO 6.6.57/6.11.4 MREMAP MEMORY CORRUPTION
Description In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix move_normal_pmd/retract_page_tables race In mremap(), move_page_tables() looks at
CVE-2024-45518 : SYNACOR ZIMBRA COLLABORATION SUITE HTTP REQUEST SERVER-SIDE REQUEST FORGERY
Description An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and
What is Cybersecurity Mesh Architecture?
Cybersecurity Network Architecture (CSMA) is a flexible, deployable approach that decentralizes security controls. Move the security perimeter from a centralized
CVE-2024-47763 : BYTECODEALLIANCE WASMTIME UP TO 21.0.1/22.0.0/23.0.2/24.0.0/25.0.1 CONTROL FLOW
Description Wasmtime is an open source runtime for WebAssembly. Wasmtime’s implementation of WebAssembly tail calls combined with stack traces can
CVE-2024-47773 : DISCOURSE UP TO 3.3.1/3.4.0.BETA1 DISCOURSE_DISABLE_ANON_CACHE EXTERNAL REFERENCE
Description Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache
CVE-2024-47823 : LIVEWIRE UP TO 3.5.1 GETCLIENTORIGINALNAME UNRESTRICTED UPLOAD
Description Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire `<
How To Secure Generative AI Systems Against Emerging Threats
Generative AI, driven by advanced machine learning techniques, is revolutionizing industries by creating text, images, music, and virtual environments. These
Why Is It Important To Integrate Threat Intelligence Into SIEM?
In today’s ever-evolving cybersecurity landscape, organizations must be proactive in identifying and mitigating threats. One of the most effective ways
CVE-2024-9035 : CODE-PROJECTS BLOOD BANK MANAGEMENT SYSTEM 1.0 ADMIN LOGIN /ADMIN/LOGIN.PHP USERNAME/PASSWORD SQL INJECTION
Description A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. This affects
What Is OAuth And Its Role In API Security?
In today’s interconnected digital ecosystems, it is important to secure APIs to protect sensitive data and ensure integrity of communication
5G Networks Security Essential Practices For Modern Risks
The deployment of 5G networks marks a transformational change in telecommunications, offering unprecedented speeds, reduced latency, and improved connectivity. These