Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Analysis of Microsoft Power Platform’s security features revealed limitations that could expose organizations to security risks, such as difficulty enforcing DLP policies for pre-existing resources and issues with HTTP calls or custom connectors.

ServiceNow’s biggest event of the year — Knowledge 2023 — is here, and Snyk is excited to be a part of it with some big news! Back in January, we announced Snyk Security for Application Vulnerability Response to bring Snyk Open Source software composition analysis to ServiceNow Security Operations.

APIs are great for accessing specific functions and features, but what happens when they allow unauthorized access? Imagine a social media platform where users can share posts. To enable users to access posts, the platform provides an API that allows GET requests to retrieve posts by specifying the user ID and post ID. GET/api/v2.1/user/1438/posts?id=40. The API will return the 40th post for user id 1438. As these are public forums, any user can submit GET requests to access posts.

I feel I need to clarify, for legal reasons, that this is nothing to do with any Harry Potter game. The reference is made because we are dealing with spells and magic, and I mean magic in the literal sense, not a reference to application security – although on some/most days it feels like magic. Time-Of-Check Time-Of-Use (TOCTOU) and Race Conditions? What’s it all about?

The healthcare industry has been struck with a growing number of cyberattacks over the last few months, raising concerns in the healthcare industry and in Washington, D.C. The continued onslaught of attacks has raised the question of how healthcare entities can and should be raising their cyber defenses. One potential tool in a hospital, or any industry's toolbox, can be Trustwave's patent-pending Advanced Continual Threat Hunt (ACTH) platform.

Balancing the volume of applications and the increased deployment frequency with the need for security is a struggle for both development and security teams. Recent research indicates that vulnerability management in modern software development has become more complex, with 69% of CISOs acknowledging this challenge. Consequently, many applications are not adequately covered by security scans.

In this post, we’re going to learn how Foundry can be used to write a proof of concept (PoC) for uninitialized smart contract vulnerabilities. We will take a look at and exploit a simple uninitialized smart contract vulnerability we found in BadgerDAO. If you are familiar with this type of vulnerability, jump straight to the Foundry PoC section. You can also find the PoC code on this GitHub repository.

In a security advisory published on May 9th, Microsoft disclosed the existence of a Local Privilege Escalation vulnerability in Sysmon (CVE-2023-29343). The vulnerability was discovered by an independent security researcher and was responsibly disclosed to Microsoft. Microsoft has released Sysmon version 14.16 to address this vulnerability.

On May 11th, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released an advisory highlighting the active malicious exploitation of CVE-2023-27350 in PaperCut MF and PaperCut NG software by a threat actors including one known as the Bl00dy Ransomware Gang. The US-CERT Alert (AA23-131A) Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG includes detailed information about this investigation (along with attacker TTPs and IOCs).

Ignoring the little stuff is never a good idea. Anyone who has pretended that the small noise their car engine is making is unimportant, only to later find themselves stuck on the side of the road with a dead motor will understand this statement. The same holds true when it comes to dealing with minor vulnerabilities in a web application. Several small issues that alone do not amount to much, can in fact prove dangerous, if not fatal, when strung together by a threat actor.