Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Featured Post
Snyk

How to decide what to fix when you can't fix everything

Jun 17, 2022 By Tal Dromi, Product Manager In Snyk
Contributing to a legacy software development project, as a security-aware developer, is a bit like inheriting an old house. In my old house, the roof is missing tiles, the bathroom taps are dripping, the front door doesn't lock properly, the hallway needs redecorating and there are worrying cracks in the foundations. I don't know where to start. The security problems with the application I've recently (hypothetically) joined are similarly vexing and diverse. It has deprecated dependencies to older versions of software libraries. It could be misconfigured using insecure protocols.
Read Post
Trustwave

The Importance of White-Box Testing: A Dive into CVE-2022-21662

Jun 17, 2022 By Trustwave In Trustwave

I want to take some time to explain the importance of using a white-box approach when testing applications for vulnerabilities. To help in this endeavor, I will use a real-world example to demonstrate how researchers (in this case Karim El Ouerghemmi and Simon Scannell) *may* have found a vulnerability in WordPress (CVE-2022-21662 a 2nd order stored XSS) and how you, as a security researcher, can also use a white-box approach to find an exotic XSS vulnerability.

Read Post
Arctic Wolf

The Most Commonly Mixed-Up Security Terms: Learn the Differences Between Asset, Threat, Vulnerability, and Risk

Jun 17, 2022 By Sule Tatar In Arctic Wolf
The cybersecurity landscape is complex enough without the lack of a common vocabulary. But, often, organizations use common security terms incorrectly or interchangeably. This leads to confusion, which leads to frustration, which can lead to something much, much worse. Something like a breach. Let’s take a moment, then, to review the four most commonly mixed-up and misused security terms in the cybersecurity world.
Read Post
Arctic Wolf

CVE-2022-30190 - Updated Guidance for MSDT Remote Code Execution Zero-Day Vulnerability in Windows

Jun 16, 2022 By Sule Tatar In Arctic Wolf
On Friday, May 27, Security vendor nao_sec identified a malicious document leveraging a zero-day RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The actively exploited vulnerability exists when MSDT is called using the URL protocol from a calling application, such as Microsoft Word.
Read Post
Arctic Wolf

CVE-2022-27511 - Critical Vulnerability in Citrix Application Delivery Management

Jun 16, 2022 By Sule Tatar In Arctic Wolf
On Tuesday, June 14, 2022, Citrix released patches for multiple vulnerabilities, including CVE-2022-27511, an unauthenticated remote privilege escalation vulnerability affecting Citrix Application Delivery Management (ADM). The vulnerability allows an unauthenticated user to remotely corrupt an affected system to reset the administrator password at the next device reboot. Successful exploitation allows a threat actor to gain initial access using the default credentials via SSH after a device reboot.
Read Post
sumologic

Follina - CVE-2022-30190

Jun 16, 2022 By Threat Labs In Sumo Logic
Monday, May 30th, 2022, Microsoft issued CVE-2022-30190 for a Remote Code Execution vulnerability with the Microsoft Support Diagnostic Tool (MSDT) in Windows: “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.
Read Post
mend

A Weaponized npm Package '@core-pas/cyb-core' Proclaimed Pentesting Related

Jun 15, 2022 By Tamir Ben Ari In Mend

Two packages of well-known origin were found exfiltrating Windows SAM and SYSTEM files, apparently as part of internal security research rather than a targeted dependency confusion attack. On June 6th, 2022, the Mend research team used Supply Chain Defender to detect and flag two malicious packages from the same author that contained identical code. We alerted npm and the packages were removed within three hours of publication.

Read Post
jfrog

CVE-2022-25845 - Analyzing the Fastjson "Auto Type Bypass" RCE vulnerability

Jun 14, 2022 By Uriya Yavnieli In JFrog

A few weeks ago, a new version for Fastjson was released (1.2.83) which contains a fix for a security vulnerability that allegedly allows an attacker to execute code on a remote machine. According to several publications, this vulnerability allows an attacker to bypass the “AutoTypeCheck” mechanism in Fastjson and achieve remote code execution. This Fastjson vulnerability only recently received a CVE identifier – CVE-2022-25845, and a high CVSS – 8.1.

Read Post
manageengine

How ADAudit Plus helps you assess your exposure to Follina (CVE-2022-30190)

Jun 13, 2022 By ADAudit Plus In ManageEngine

The recently discovered Windows zero-day vulnerability continues to make news as threat actors across the globe are relentless in their efforts to exploit it. The vulnerability, dubbed Follina, can be exploited when the Microsoft Support Diagnostic Tool (MSDT) is called by a Microsoft Office application using the URL protocol.

Read Post
bytesafe

What is a Dependency Firewall? What, Why and How?

Jun 13, 2022 By Daniel Parmenvik In Bytesafe

In recent years more open source vulnerabilities have been discovered than ever before. This is all part of the natural evolution; it’s what we expect to see as the amount of open source usage grows within organizations. But there’s something that we missed in this equation: while identifying vulnerabilities, organizations haven’t found a way to block unwanted dependencies, which made them vulnerable to attacks like never before.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.