%term

4 tips for securing GenAI-assisted development

Dec 18, 2024 By Sarah Conway In Snyk

Gartner predicts that generative AI (GenAI) will become a critical workforce partner for 90% of companies by next year. In application development specifically, we see developers turning to code assistants like Github Copilot and Google Gemini Code Assist to help them build software at an unprecedented speed. But while GenAI can power new levels of productivity and speed, it also introduces new threats and challenges for application security teams.

Read Post

Snyk

Read more about 4 tips for securing GenAI-assisted development

Did you make the security naughty or nice list this year?

Dec 18, 2024 By Mariah Gresham In Snyk

As we approach the end of the year, many of us are reflecting on what we accomplished in 2024 — what did we do well this year? What could we have done better? It's also the perfect time to reflect on how to improve your team’s security practices. Have you been staying ahead of threats or have you let a few vulnerabilities slip through the cracks?

Read Post

Snyk

Read more about Did you make the *security* naughty or nice list this year?

Exploited! Kerio Control's HTTP Response Splitting Vulnerability (CVE-2024-52875)

Dec 18, 2024 By Fara Hain In IONIX

CVE-2024-52875 is an HTTP Response Splitting vulnerability in Kerio Control. This flaw allows an attacker to inject malicious input into HTTP response headers by introducing carriage return (\r) and line feed (\n) characters. Such manipulation can cause the server to send multiple HTTP responses instead of one, leading to various attacks.

Read Post

IONIX

Read more about Exploited! Kerio Control's HTTP Response Splitting Vulnerability (CVE-2024-52875)

Set Up a Discord Bot

Dec 18, 2024 By Snyk In Snyk

Watch the full video for more...

View Video

Snyk

Read more about Set Up a Discord Bot

Top three cyber threats that will persist in 2025

Dec 17, 2024 By Lydia Atienza In Outpost 24

As another year comes to an end, it’s not only Santa who brings presents for those on his nice list. These days, it’s quite common for well-known firms to publish their annual roundups of the most notable events that have taken place in the cybersecurity landscape, together with predictions of what can we expect in next twelve months.

Read Post

Outpost 24

Read more about Top three cyber threats that will persist in 2025

Arctic Wolf Observes Targeting of Publicly Exposed Fortinet Firewall Management Interfaces

Dec 17, 2024 By Andres Ramos In Arctic Wolf

Since early December 2024, Arctic Wolf has been monitoring threat activity involving the malicious use of management interfaces on FortiGate firewall devices on the public internet. While our investigation into this activity is ongoing and the scope is yet to be fully determined, organizations running these products should ensure that they are adhering to security best practices for management access of firewall devices.

Read Post

Arctic Wolf

Read more about Arctic Wolf Observes Targeting of Publicly Exposed Fortinet Firewall Management Interfaces

CVE-2024-12356: Critical Severity Command Injection Vulnerability in BeyondTrust Remote Support (RS) & Privileged Remote Access (PRA)

Dec 17, 2024 By Arctic Wolf In Arctic Wolf

On December 16, 2024, BeyondTrust published a security advisory outlining a vulnerability impacting their Remote Support (RS) and Privileged Remote Access (PRA) software. The flaw, CVE-2024-12356, is a critical severity command injection vulnerability. If successfully exploited it can allow an unauthenticated remote threat actor to execute underlying operating system commands within the context of the site user.

Read Post

Arctic Wolf

Read more about CVE-2024-12356: Critical Severity Command Injection Vulnerability in BeyondTrust Remote Support (RS) & Privileged Remote Access (PRA)

How to Build a Discord Bot (PART 1)

Dec 16, 2024 By Snyk In Snyk

This is the first video of our series 'How to Build a Discord Bot'. In this video, we will be covering the technologies you need and how to get set up with them, how to create a Discord app on the developer portal and how to connect the code to a Discord server. Each video will be published one week from the previous.

View Video

Snyk

Read more about How to Build a Discord Bot (PART 1)

Safeguarding Legacy Applications: Unlocking the Power of Seal Security

Dec 16, 2024 By Lev Pachmanov In Seal Security

Businesses rely heavily on software applications to drive efficiency, productivity, and customer satisfaction. However, many organizations still grapple with unmaintained applications that depend on outdated or vulnerable third-party libraries. According to a study by Synopsys, 91% of codebases contain components that are either more than four years out of date or have had no development activity in the past two years. These libraries pose significant security risks.

Read Post

Seal Security

Read more about Safeguarding Legacy Applications: Unlocking the Power of Seal Security

Emerging Threats in Cybersecurity: Safeguarding Software from Evolving Risks

Dec 16, 2024 By SecuritySenses In SecuritySenses

In the digital-first landscape of today, cybersecurity threats are getting increasingly advanced and widespread, posing serious risks that could have adverse impacts on organizations the world over. Businesses are conducted through complex software systems and are increasingly susceptible to such attacks. Attackers continue refining their phishing scams and advanced persistent threats to exploit new vulnerabilities. Of the many, one such covert threat comprises malicious code, which recently has emerged as a permanent feature that requires proactive ways of lessening its impact.

Read Post