Rapid7 Fixes a SQL Injection Bug in Nexpose
Rapid7 security released the fix of a critical SQL injection vulnerability in Nexpose, a popular local vulnerabilities management software. The flaw was tracked as CVE-2022-0757 and received a score of…
Log4j BlindSpots
Apache Java logging library log4j‘s popularity and its ability to hide in code,landmines hiding in infrastructure due to log4j’s Log4Shell security vulnerabilities. The good news is there are scanning tools that…
Log4j-Scanner From CISA
The CISA has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution vulnerabilities, tracked as CVE-2021-44228 and CVE-2021-45046 & CVE-2021-45105 log4j-scanner is a…
Python🐍 Package Probe Tool
A tool has been launched to scans Python environments for packages with known vulnerabilities dubbed 'Pip-audit’ leverages the PyPI JSON API to compare dependencies against the Python Packaging Advisory Database…
Container Security with Zero Trust & Compliance
Gartner predicts that by end of 2022, more than 75-80% of global organizations will be running containerized applications in production. Though organizations can achieve many business benefits by using Kubernetes…