%term

Detecting Spring4Shell 0-day Vulnerability Using Devo (updated 4/7/22)

Mar 31, 2022 By By The Devo Security Team In Devo

Editor’s note: Latest update, April 6, 2022, 7:30 p.m. U.S. EDT — This post now includes an example query to aid SOC teams in generating alerts for their specific WAF data sources. See the section “Create New Web Application Firewall (WAF) Rules” for details. A critical zero-day vulnerability in Java’s popular Spring Core Framework is being actively targeted, according to multiple reports submitted to Bleeping Computer.

Read Post

Devo

Read more about Detecting Spring4Shell 0-day Vulnerability Using Devo (updated 4/7/22)

CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups

Mar 31, 2022 By Michael Sentonas In CrowdStrike

At CrowdStrike, we believe that rigorous, independent testing is a vital part of the security ecosystem. It provides customers with transparency and insight into the critical capabilities required to stop today’s sophisticated threats. That’s why I’m excited to share the results of Round 4 of the MITRE Engenuity ATT&CK Enterprise Evaluation: The CrowdStrike Falcon platform stops breaches with 100% prevention, comprehensive visibility and actionable alerts.

Read Post

CrowdStrike

Read more about CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups

Critical Vulnerability in Spring Core: CVE-2022-22965 a.k.a. Spring4Shell

Mar 31, 2022 By Stefano Chierici In Sysdig

After the Spring cloud vulnerability reported yesterday, a new vulnerability called Spring4shell CVE-2022-22965 was reported this time on the very popular Java framework Spring Core on JDK9+. The vulnerability is always a remote code execution (RCE) which would permit attackers to execute arbitrary code on the machine and compromise the entire host.

Read Post

Sysdig

Read more about Critical Vulnerability in Spring Core: CVE-2022-22965 a.k.a. Spring4Shell

Australia and US Pledge More Government Cybersecurity Spend for 2022-23

Mar 31, 2022 By Kurt Mueffelmann In archTIS

In the midst of a growing global cyberthreat landscape, the Australian and US governments this week announced plans to increase spend to bolster federal cybersecurity. The Australian federal government’s newly released 2022-23 federal Budget has dedicated AU$9.9 billion to support cybersecurity and intelligence capabilities under a program called Resilience, Effects, Defence, Space, Intelligence, Cyber and Enablers (REDSPICE).

Read Post

archTIS

Read more about Australia and US Pledge More Government Cybersecurity Spend for 2022-23

This Week in VulnDB - highlight on sprint4shell and dep supply chain vulnerability

Mar 31, 2022 By Snyk In Snyk

Welcome to This Week in VulnDB, Each episode we will look through some of the newer vulnerabilities in the Snyk vulnerability database, looking at emerging trends in attack vectors appearing in programming languages, platforms and ecosystems.

View Video

Snyk

Read more about This Week in VulnDB - highlight on sprint4shell and dep supply chain vulnerability

March Product Rollup: AEC Tools, and API and Governance Upgrades

Mar 31, 2022 By Rosie Fan In Egnyte

As March rolls to an end, Egnyte is excited to roll out a solution built specifically for AEC companies, improvements to the Workflow API, and a whole host of governance improvements. Read on to learn more.

Read Post

Egnyte

Read more about March Product Rollup: AEC Tools, and API and Governance Upgrades

Cyberpion Closes Series A Funding at the Inflection Point for Attack Surface Management

Mar 31, 2022 By Nethanel Gelernter In IONIX

In business and life, getting the timing and the team right is half the battle.

Read Post

IONIX

Read more about Cyberpion Closes Series A Funding at the Inflection Point for Attack Surface Management

Spring Framework Remote Code Execution (CVE-2022-22965)

Mar 31, 2022 By The Veracode Research Team In Veracode

Details of a zero-day vulnerability in Spring Framework were leaked on March 29, 2022 but promptly taken down by the original source. Although much of the initial speculation about the nature of the vulnerability was incorrect, we now know that the vulnerability has the potential to be quite serious depending on your organization’s use of Spring Framework. There is also a dedicated CVE 2022-22965 assigned to this vulnerability. We will keep this blog updated as new information comes up.

Read Post

Veracode

Read more about Spring Framework Remote Code Execution (CVE-2022-22965)

Spring4Shell: The zero-day RCE in the Spring Framework explained

Mar 31, 2022 By Brian Vermeer In Snyk

On March 30, 2022, a critical remote code execution (RCE) vulnerability was found in the Spring Framework. More specifically, it is part of the spring-beans package, a transitive dependency in both spring-webmvc and spring-webflux. This vulnerability is another example of why securing the software supply chain is important to open source.

Read Post

Snyk

Read more about Spring4Shell: The zero-day RCE in the Spring Framework explained

SecurityScorecard Analysis of Lapsus$ Threat Group

Mar 31, 2022 By SecurityScorecard In SecurityScorecard

SecurityScorecard’s CISO Mike Wilkes and Threat Researcher Ryan Slaney discuss their latest insights on the Lapsus$ threat group, the recent Okta breach, and what CISOs should do to protect their organizations. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.

View Video