Category: Vulnerabilities
Defending Against Zero-Day Threats
With the dynamic and complex nature of today’s technology landscape, zero-day threats are a...
VIEW MORETakeaways From the Verizon 2023 Data Breach Investigations Report
The Verizon 2023 Data Breach Investigations Report was recently released, and as always, it’s...
VIEW MOREAttackers, Take the Wheel: API Vulnerabilities Found in 16 Car Brands
The dream of self-driving cars has been around since the days of the Jetsons, Knight Rider, and...
VIEW MOREBroken Function-Level Authorization: What It Is, How We Can Help
No. 5 on the 2023 OWASP API Top 10 vulnerabilities list is broken function-level authorization....
VIEW MOREOpenSSL Vulnerability
On October 26, the OpenSSL Project announced the discovery of a critical vulnerability, and that a...
VIEW MORELack of Resources and Rate Limiting: What It Is, How We Can Help
No. 4 on the OWASP API Top 10 vulnerabilities list is lack of resources and rate limiting (after...
VIEW MOREHTTP Request Smuggling Vulnerability in Node.js
Last week, researchers discovered an HTTP request smuggling vulnerability in Node.js. This...
VIEW MOREExcessive Data Exposure: What It Is, How We Can Help
2023 UPDATE: In the 2023 OWASP API Top 10 vulnerabilities list, Excessive Data Exposure and Mass...
VIEW MOREAddressing the Atlassian Confluence Vulnerability
On June 2, Atlassian issued a security advisory regarding a newly discovered remote code execution...
VIEW MOREThreatX SOC Vulnerability Alert: CVE-2022-21449 “Psychic Signatures”
Earlier this week, the ThreatX SOC deployed a rule to protect our client base from a newly...
VIEW MORESpring4Shell: Day 1 Update and Insights
As we reported yesterday, ThreatX deployed to production a ruleset to protect against Spring4Shell...
VIEW MOREThreatX Response to Spring4Shell
On March 29, 2022, Spring disclosed a zero-day vulnerability – Spring4Shell. A widely used Java...
VIEW MORE