BIG-IP Fixes Critical Vulnerabilities
BIG-IP F5 has fixed more than a dozen high-severity vulnerabilities part of its monthly patch delivery cycle in its networking device, one of them being elevated to critical severity under…
Cisco Acquires Epsagon
Cisco Systems is buying Israeli application monitoring company Epsagon to add to its growing observability platform added to Cisco’s full-stack observability platform that today consists of the company’s other acquired…
Chekmarx buys Dustico
Checkmarx, an Israeli provider of static application security testing (AST), has acquired open-source supply chain security startup Dustico for an undisclosed sum. Dustico provides a dynamic source-code analysis platform that…
Kaseya has new Zero Days
Kaseya Unitrends is a cloud-based enterprise solution that provides affordable, low-maintenance data protection offering to complement existing client backup and recovery solutions. The vulnerabilities include remote code execution and authenticated…
Posted inCyberAttack
Kaseya gets the Decryptor
Kaseya at the center of a huge ransomware attack this month has obtained a universal key to unlock files of the hundreds of businesses and public organizations crippled by the…
Posted inMITRE
MITRE ATT&CK Top Most Software Bugs
Software weaknesses are flaws, bugs, vulnerabilities, and various other types of errors impacting a software solution's code, architecture, implementation, or design, potentially exposing systems it's running on to attacks. MITRE…
NIST Software Security Guidance
NIST spells out security measures for "critical software" used by federal agencies and minimum standards for testing its source code. The best practices could be a model for the private sector…
SolarWinds Patches Serv-U.. Do you have one ?
SolarWinds is urging customers to patch a Serv-U remote code execution vulnerability that was exploited in the wild by "a single threat actor" in attacks targeting a limited number of customers. The…