Uncovering the Hidden WebP vulnerability: a tale of a CVE with much bigger implications than it originally seemed

At Cloudflare, we're constantly vigilant when it comes to identifying vulnerabilities that could potentially affect the Internet ecosystem. Recently, on September 12, 2023, Google announced a security issue in Google Chrome, titled "Heap buffer overflow in WebP in Google Chrome," which caught our attention. Initially, it seemed like just another bug in the popular web browser. However, what we discovered was far more significant and had implications that extended well beyond Chrome.

Detecting and mitigating CVE-2023-4911: Local Privilege Escalation Vulnerability

Recently, Qualys discovered and reported a critical vulnerability affecting the popular GLIBC ecosystem, which is installed by default on most Linux-based operating systems. Specifically, a buffer overflow was found in the code responsible for handling special environment variables during the startup of a process which can result in a local privilege escalation. Fortunately, exploitation of this vulnerability can be detected by Falco.

Gartner predicted APIs would be the #1 attack vector - Two years later, is it true?

Over the last few years, APIs have rapidly become a core strategic element for businesses that want to scale and succeed within their industries. In fact, according to recent research, 97% of enterprise leaders believe that successfully executing an API strategy is essential to ensuring their organization’s growth and revenue.

How Sysdig can detect Impersonation Attacks in Okta IdP

To combat the growing threat of identity attacks, organizations need to adopt a proactive approach that goes beyond traditional security measures. Identity Threat Detection and Response (ITDR) is one such approach that focuses on monitoring and responding to suspicious activities related to user identities and access management. ITDR solutions can help organizations spot unusual patterns, such as multiple failed login attempts, access from unusual locations, or abnormal behavior within the system.

What is Zero Trust

Zero Trust is a cybersecurity philosophy that rejects the idea of offering implicit trust to traffic based on network location. In other words, Zero Trust views all traffic as potentially malicious, regardless of whether it originates from a traditionally trusted network source, and therefore requires all traffic to be scrutinized to determine whether access should be granted to a specific resource.

Focus on these 3 Areas to Develop a Strong Cybersecurity Posture With Fewer Resources

Not every organization's security apparatus is built or funded at the same level. For smaller organizations or those with other needs competing for budget, here are some points that show it's possible to do more with less. To drive meaningful progress and ensure a robust security posture, it's the C-suite and the board must collaborate and focus on three key areas: coverage, consolidation, and assurance.

SASE Transformation: 6 Scenarios Demanding Modern SD-WAN

The following is derived from the new book, Modern SD-WAN for SASE for Dummies, Netskope Special Edition. Click here to get your complimentary copy. For decades, computer networking has powered our businesses, our communities, and our lives. As computing and the digital world have evolved, enterprise networking has struggled to keep up. Local area networks (LANs) gave way to MPLS WANs and MPLS WANs gave way to SD-WANs. Out with the old, in with the new.

5 Security Protocols To Protect Business Data

The rapid growth we see ourselves in regarding technology has caused businesses to change to digital methods to secure data quickly. The time limitations businesses face to secure their data quickly and effectively may cause the security standards to drop, leaving companies wide open to cybercrime. Cybercrime remains a global problem in 2023, reflected in the rising costs of data breaches and increased attacks on businesses and people’s data.