WAF-as-a-Service
Web applications form a massive part of the common network ground that is shared by a business and its customers
Container Runtime Protection
Runtime Security in Kubernetes deployment might be policed based on a pod-by-pod. A pod is a group of containers that
Introduction to Virtual Patching
“Virtual Patching” is a term that was initially used by Intrusion Prevention System vendors many years ago. It is also
How to create a Kubernetes Service
With the running application, we want to access one service. Let’s create a ClusterIP type of service. We can: Create
Kube-Proxy and Headless Services
Kube-Proxy Kube-proxy implements a form of virtual IP for services for all types except ExternalName. Three modes are: (a) Proxy-mode:
Kubernetes Service Types
Key Terms Nodes: Virtual host(s) on which containers/pods are running. Kubernetes Service: A logical set of pods that perform identical
Introduction to Kubernetes Services
Key Terms: Pods: One or more containers that shares the storage and network with a Kubernetes configuration, mentioning the behavior
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71
[vc_row][vc_column][vc_column_text] Overview : Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1
LogicalDoc before 8.3.3 allows SQL Injection
[vc_row][vc_column][vc_column_text] Overview : LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database.
Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability
[vc_row][vc_column][vc_column_text] Overview : Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could
cPanel before 84.0.20 allows a demo account to achieve remote code execution
[vc_row][vc_column][vc_column_text] Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell
OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks
[vc_row][vc_column][vc_column_text] Overview : OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users’
Umbraco CMS 8.5.3 allows an authenticated file upload
[vc_row][vc_column][vc_column_text] Overview : Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation
[vc_row][vc_column][vc_column_text] Overview : Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.An information disclosure vulnerability
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 SQL Injection Vulnerability
[vc_row][vc_column][vc_column_text] Overview : SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean
LiveZilla blind Javascript Injection – Cross Site Scripting (XSS)
Overview : An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A blind JavaScript injection lies in
WAF for Healthcare
[vc_row][vc_column width=”1/2″][vc_row_inner][vc_column_inner][st_heading][/st_heading][/vc_column_inner][/vc_row_inner][vc_column_text]Modern Medical environment has evolved to a new dimension with advancement in technology. New technology services are coming in,
What is the Real Cost of a Data Breach – Reflecting LabCorp Data Theft
Another Data breach incident between LabCorp, a medical testing company and American Medical Collection Agency (AMCA), shows the importance of