Open Source Security Incidents and How Organizations Can Respond
rezilion | | open source, open source risk, Open Source Security, open source vulnerabilities, Uncategorized
Attacks that leverage vulnerabilities in open source software are on the rise. How security teams respond to these incidents is key to what impact they will ultimately have. Oftentimes the attacks stemming ...
Security Teams Need to Address One of the Biggest Software Supply Chain Risks: Open Source
rezilion | | open source, open source risk, Open Source Security, open source vulnerabilities, rsa, software supply chain, software supply chain risk, Uncategorized
One of the biggest threats to software supply chain security is open source software applications and components. Many enterprises and small businesses have come to rely on open source solutions, and they ...
Join Rezilion in Las Vegas for Black Hat, BSides and DEFCON, 2023
This time every year, Las Vegas transforms into the epicenter of the security world with a lineup of major industry events – Black Hat, BSides and DEFCON. Rezilion is excited to be ...
Why Developers Need a Security Mindset (And How to Help Them With It)
There has never been a more important time for developers to have a security mindset. Software developers are increasingly relying on open source components in their products. While this makes their jobs somewhat ...
Microsoft July 2023 Patch Tuesday Round Up
Ofri Ouzan | | Microsoft patch tuesday, Microsoft security, Patch Tuesday, Rezilion research, Uncategorized, Vulnerability Management
On July 11th, 2023, Microsoft released its July Patch Tuesday and revealed 130 new CVEs; 5 of them are classified as “Exploitation Detected” by Microsoft and 4 of them added to the ...
Widespread Exploitation Continues: MOVEit CVE-2023-34362 Leaves Organizations at Risk
Ofri Ouzan | | MOVEit, MOVEit CVE-2023-34362, MOVEit Transfer Zero Day, Uncategorized, Vulnerability Management
MOVEit CVE-2023-34362 is a Critical SQL Injection vulnerability rated 9.8. It affects all versions of Progress Software’s managed file transfer (MFT) solution, MOVEit Transfer. This vulnerability has the potential to grant unauthorized access ...
Organizations Need to Establish Trust to Enhance Supply Chain Security
rezilion | | software supply chain, software supply chain security, Supply Chain Risk, Uncategorized, Vulnerability Management
Enhancing the trust and security of the supply chain is on the minds of many a cybersecurity executive today, and will likely be a topic of interest and concern in the months ...
What You Need to Know About StackRot – CVE-2023-3269
Ofri Ouzan | | CVE-2023-3269, patching, remediation, StackRot, Uncategorized, Vulnerability Management, vulnerability patching
StackRot, identified as CVE-2023-3269, is a 7.8 HIGH use-after-free vulnerability in the Linux kernel versions 6.1 to 6.4 that can lead to privilege escalation. The vulnerability, which was disclosed by Ruihan Li ...
AppSec and Software Supply Chain Security: How Do They Go Together?
AppSec and Software Supply Chain Security are two terms more frequently used as part of DevOps, as well as when considering how to develop a security strategy. Software supply chain attacks are on ...
EPSS Vs CVSS: How Do They Compare?
Esther Shein | | Common Vulnerability Scoring System, CVSS, epss, Exploit Prediction Scoring System, Uncategorized, Vulnerability Management
The tech industry loves its acronyms and one that is grabbing attention these days is the Exploit Prediction Scoring System (EPSS). Since many people are more familiar with the Common Vulnerability Scoring ...