Latest News
Stay up to date with the latest posts and updates
Alerts
-
CRI-O Security Update for Kubernetes
Original release date: March 18, 2022 CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control…
4 min read
-
AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers
Original release date: March 17, 2022 Summary Actions to Take Today: • Use secure methods for authentication. • Enforce principle of least privilege. • Review trust relationships. •…
4 min read
-
Dev Sabotages Popular NPM Package to Protest Russian Invasion
In the latest software supply-chain attack, the code maintainer added malicious code to the hugely popular node-ipc library to replace files with a heart emoji and a peacenotwar…
4 min read
-
Misconfigured Firebase Databases Exposing Data in Mobile Apps
Five percent of the databases are vulnerable to threat actors: It’s a gold mine of exploit opportunity in thousands of mobile apps, researchers say.
4 min read
-
Reporting Mandates to Clear Up Feds’ Hazy Look into Threat Landscape – Podcast
It’s about time, AttackIQ’s Jonathan Reiber said about 24H/72H report deadlines mandated in the new spending bill. As it is, visibility into adversary behavior has been muck.
4 min read
-
CISA Adds 15 Known Exploited Vulnerability to Catalog
Original release date: March 15, 2022 CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities…
4 min read
