On May 31, Forescout Research – Vedere Labs uncovered a significant incident where threat actors exploited a critical zero-day vulnerability in the MOVEit Transfer software, which resulted in unauthorized access to and exfiltration of private data, as well as privilege escalation. MOVEit Transfer is a widely adopted managed file transfer (MFT) solution that enables organizations to securely exchange files with their business partners and customers.

To identify malicious packages and protect yourself against them, you need to know what to look for. Here’s a simple guide. In January 2022, users of the popular open-source libraries “faker” and “colors” suddenly found their applications started to malfunction and display nonsensical data because they had been infected by a malicious package.

The prolonged period of low-capital costs and widely available funding may be over, yet digital adoption persists as business leaders seek to unlock efficiencies and innovation everywhere. This is driving exponential but often unsecure identity growth in the enterprise and putting existing levels of cyber debt at risk of compounding as investment in digital and cloud initiatives continues to outpace cybersecurity spend.

The Exchange Administration Center (EAC) is an easy-to-use interface for managing Exchange. However, it enable you to change only a handful of mailbox settings, and you can modify only one mailbox at a time. For more comprehensive management, you turn to Microsoft PowerShell (or, to be exact, Exchange Management Shell).

As security teams witness that their organization’s digital footprint keeps growing in size and complexity, the urgent need for attack surface discovery becomes clear. But what exactly does attack surface discovery entail, and why is it so crucial in today’s digital landscape? This blog post aims to demystify attack surface discovery and provide insights into its importance for security operations teams.

We’re thrilled to announce that Snyk was named a Leader in The Forrester Wave™: Software Composition Analysis (SCA), Q2 2023 report! We believe this recognition — and the fact that we are ranked highest in the Strategy category out of all evaluated vendors — highlights the work we’ve done at Snyk to disrupt the industry with developer-centric application security solutions to help companies secure their software supply chain.

During a red team assessment for a client, Charles Fol and Dany Bach from LEXFO, discovered a heap overflow bug in Fortigate’s SSL VPN that can be exploited to achieve remote code execution on Fortigate instances. This vulnerability is reachable without authentication, and can be used to execute arbitrary code on vulnerable systems, which could lead to a complete compromise of the system.

The Pearland Independent School District spans over 23 separate campuses in the Pearland, Texas area. The district teaches over 21,000 students and employs as many as 1,771 individuals. The large district generates approximately $144 million in revenue annually and handles data for tens of thousands of students, parents, and employees.

In today's digital world, login credentials are the keys to the kingdom. Whether it's your online banking, your social media accounts, or your work accounts, your login credentials are essential for accessing your personal information. Unfortunately, cybercriminals are always looking for ways to obtain these credentials, and their techniques are becoming increasingly sophisticated.