%term

Cursor AI: The VS Code Competitor

Sep 30, 2024 By Snyk In Snyk

Cursor AI is a new AI-powered code editor that some say could be the VS Code KILLER... In this video, we will be putting that to the test by exploring the AI tool's features as well as using it to help with our code in building a notes API and UI.

View Video

Snyk

Read more about Cursor AI: The VS Code Competitor

Emerging Security Issue: SolarWinds Web Help Desk CVE-2024-28987

Sep 30, 2024 By Emma Zaballos In CyCognito

CVE-2024-28987 is a critical (CVSS v3 score: 9.1) hardcoded credential vulnerability in the SolarWinds Web Help Desk (WHD) software. If exploited, this Java deserialization remote code execution (RCE) vulnerability allows attackers remote unauthenticated access to create, read, update and delete data on specific WHD endpoints.

Read Post

CyCognito

Read more about Emerging Security Issue: SolarWinds Web Help Desk CVE-2024-28987

Threat Context Monthly: Executive intelligence briefing for September 2024

Sep 30, 2024 By KrakenLabs In Outpost 24

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from September.

Read Post

Outpost 24

Read more about Threat Context Monthly: Executive intelligence briefing for September 2024

Critical Linux CUPS Flaws Could Lead to Remote Command Execution

Sep 30, 2024 By Fara Hain In IONIX

CUPS is a suite of programs and daemons that provide local and network printing capabilities on Unix-like systems such as Linux and macOS. Versions before and including 2.0.1 are vulnerable to CVE-2024-47076 (libcupsfilters), CVE-2024-47175 (libppd), CVE-2024-47176 (cups-browsed) and CVE-2024-47177 (cups-filters), all of which can be chained together to allow remote unauthenticated code execution. At this time there is no updated version available.

Read Post

IONIX

Read more about Critical Linux CUPS Flaws Could Lead to Remote Command Execution

Critical Vulnerabilities Uncovered: How Bitsight Delivered Fast, Actionable Insights in Under 24 Hours

Sep 30, 2024 By BitSight In BitSight

The speed at which vulnerabilities are detected and addressed can drastically impact an organization’s likelihood of suffering a security incident. Recently, Bitsight demonstrated how its investments in product fingerprinting and CVE mapping allowed it to identify and surface assets potentially impacted by a set of critical vulnerabilities in the CUPS printing system in under 24 hours.

Read Post

BitSight

Read more about Critical Vulnerabilities Uncovered: How Bitsight Delivered Fast, Actionable Insights in Under 24 Hours

Breaking Down the OWASP Top 10 API Security Risks 2023 (& What Changed From 2019)

Sep 30, 2024 By Dustin Silveri In Veracode

The OWASP Top Ten lists have been the cornerstone for application security best practices for over two decades. The 2019 list was the first edition of the OWASP API Security Top 10. The latest, OWASP API Security Top 10 2023, gives our security and engineering teams a glimpse of attack vectors that are becoming more common. With that in mind, it also helps our security teams to ensure that they have adequate coverage for security testing.

Read Post

Veracode

Read more about Breaking Down the OWASP Top 10 API Security Risks 2023 (& What Changed From 2019)

The CUPS Vulnerability- The 443 Podcast - Episode 308

Sep 30, 2024 By WatchGuard In WatchGuard

This week on the podcast, we cover the "9.9/10 severity vulnerability affecting most Linux systems" that a researcher disclosed last week and what it means for Linux systems administrators. We then discuss a research post into Kia's remote control systems that allowed one researcher to compromise any Kia in the last decade by just knowing their license plate number. We end with a new act that was just introduced into the US Senate with a goal to secure the healthcare industry.

View Video

WatchGuard

Read more about The CUPS Vulnerability- The 443 Podcast - Episode 308

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

Sep 30, 2024 By Trustwave In Trustwave

On September 26, 2024, security researcher Simone Margaritellidisclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities, that, when chained together, can allow malicious actors to launch remote code execution (RCE) attacks on vulnerable systems. CUPS is a widely used, open-source printing system that supports Linux and other Unix-like operating systems. It also supports ChromeOS and macOS.

Read Post

Trustwave

Read more about What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

Detecting and Mitigating Remote Code Execution Exploits in CUPS

Sep 29, 2024 By Michael Clark In Sysdig

On September 26th, 2024, details were released about several vulnerabilities in the Common Unix Printing System (CUPS) package. A total of four CVE’s (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177) have been released, affecting many Unix and Linux distributions. Three of the vulnerabilities are rated High, while one is rated Critical. If left unpatched, a remote attacker is able to execute arbitrary commands on the affected system.

Read Post