Vulnerability

Vuln of the Month: CVE-2020-10148 SolarWinds Orion Authentication Bypass

Feb 16, 2021 By detectify In Detectify

Every week, our global community of hand-picked Detectify Crowdsource ethical hackers submit new vulnerabilities that we make available to our users as automated security tests. In the new series Vuln of the Month, we deep-dive into an especially interesting vulnerability that was added to our scanner in the past month. First up: CVE-2020-10148, SolarWinds Orion Authentication Bypass. In January, Detectify added a security test for CVE-2020-10148, SolarWinds Orion Authentication Bypass.

Read Post

Detectify

Read more about Vuln of the Month: CVE-2020-10148 SolarWinds Orion Authentication Bypass

OWASP Top 10: Sensitive Data Exposure Security Vulnerability Practical Overview

Feb 8, 2021 By Application Security Series In ImmuniWeb

Sensitive data exposure is #3 in the current OWASP top Ten Most Critical Web Application Security Risks.

Read Post

ImmuniWeb

Read more about OWASP Top 10: Sensitive Data Exposure Security Vulnerability Practical Overview

1. Outpost24 Pwn Pulse intro

Feb 3, 2021 By Outpost 24 In Outpost 24

Introduction to Pwn Pulse wireless network assessment

View Video

Outpost 24

Read more about 1. Outpost24 Pwn Pulse intro

2. Connecting to Pwn Pulse

Feb 3, 2021 By Outpost 24 In Outpost 24

Connecting to Pwn Pulse Wireless threat detection solution

View Video

Outpost 24

Read more about 2. Connecting to Pwn Pulse

3. Starting Wireless Detection

Feb 3, 2021 By Outpost 24 In Outpost 24

Starting wireless threat detection with Pwn Pulse

View Video

Outpost 24

Read more about 3. Starting Wireless Detection

4. Establish your network baseline

Feb 3, 2021 By Outpost 24 In Outpost 24

Establish your wireless network security baseline with Pwn Pulse

View Video

Outpost 24

Read more about 4. Establish your network baseline

6. Wireless threats and alerts

Feb 3, 2021 By Outpost 24 In Outpost 24

Wireless threat detection and alerts by Pwn Pulse

View Video

Outpost 24

Read more about 6. Wireless threats and alerts

5. Asset Assessment

Feb 3, 2021 By Outpost 24 In Outpost 24

Wireless asset assessment by Pwn Pulse Outpost24

View Video

Outpost 24

Read more about 5. Asset Assessment

What our attack surface study says about top retail applications

Feb 3, 2021 By Stephane Konarkowski In Outpost 24

Retail and ecommerce web applications are big targets for hackers. Attack surface assessment is important to help build a complete risk profile of web applications and combat opportunistic hackers looking for vulnerabilities to exploit. Here’s how the biggest online retailers fare against the most common application attack vectors

Read Post

Outpost 24

Read more about What our attack surface study says about top retail applications

Protecting Against the Unpatched Kubernetes Vulnerability (CVE-2020-8554)

Feb 2, 2021 By Tigera In Tigera

CVE-2020-8554 is a vulnerability that allows Kubernetes Services to intercept cluster traffic to any IP address. Users who can manage services can exploit the vulnerability to carry out man-in-the-middle (MITM) attacks against pods and nodes in the cluster. All Kubernetes versions including the latest release (v1.20) are vulnerable to this attack. If your cluster is multi-tenant, or allows unprivileged users to create and update services, you are impacted.

View Video