Category: Vulnerabilities
Broken Function-Level Authorization: What It Is, How We Can Help
No. 5 on the OWASP API Top 10 vulnerabilities list is broken function-level authorization (after...
VIEW MOREOpenSSL Vulnerability
On October 26, the OpenSSL Project announced the discovery of a critical vulnerability, and that a...
VIEW MORELack of Resources and Rate Limiting: What It Is, How We Can Help
No. 4 on the OWASP API Top 10 vulnerabilities list is lack of resources and rate limiting (after...
VIEW MOREHTTP Request Smuggling Vulnerability in Node.js
Last week, researchers discovered an HTTP request smuggling vulnerability in Node.js. This...
VIEW MOREExcessive Data Exposure: What It Is, How We Can Help
No. 3 on the OWASP API Top 10 vulnerabilities list is excessive data exposure (after BOLA and...
VIEW MOREAddressing the Atlassian Confluence Vulnerability
On June 2, Atlassian issued a security advisory regarding a newly discovered remote code execution...
VIEW MOREThreatX SOC Vulnerability Alert: CVE-2022-21449 “Psychic Signatures”
Earlier this week, the ThreatX SOC deployed a rule to protect our client base from a newly...
VIEW MORESpring4Shell: Day 1 Update and Insights
As we reported yesterday, ThreatX deployed to production a ruleset to protect against Spring4Shell...
VIEW MOREThreatX Response to Spring4Shell
On March 29, 2022, Spring disclosed a zero-day vulnerability – Spring4Shell. A widely used Java...
VIEW MOREHow We Were Able to Help Our Customers With the Log4j 0Day
Many security teams are still working overtime to patch and protect against any log4j-related...
VIEW MORELog4j2: What We’ve Seen, What We Expect
We’re about a week and a half into the release of the Log4j2 vulnerability,...
VIEW MORETips From the ThreatX SOC: Managing the Log4j Vulnerability
The Log4j vulnerability has created a lot of chaos for security professionals. While there is no...
VIEW MORE