Textpattern CMS 4.8.3 Remote Code Execution

Textpattern CMS version 4.8.3 remote code execution exploit. Packet Storm

Security as Code: Why It’s Important and What You Need to Know

Software is becoming an increasingly pivotal part of modern business and society. In turn, consumers have come to expect instant gratification. This has driven businesses to concentrate on innovation and speed to market. Businesses that can???t keep up with the hyper-competitive market of speed-to-value are falling behind. But with rapid software deliveries comes increased risk. […]

Proof of concept code published for latest Saltstack CVE: Don’t be an update laggard

Any user could become root, warns Immersive Labs researcher Proof of concept code has been published for a vulnerability in popular data centre security management tool Saltstack, which was discovered after a developer at Immersive Labs found a privilege escalation bug allowing any old user to become root.… The Register – Security

Message Authentication Code (MAC) Using Java

This is the seventh entry in this blog series on using Java Cryptography securely. Starting from theツ?basics we began diving deeper into various basic cryptographic primitives such as Cryptographically Secure Random Number Generator, symmetric & asymmetric encryption/decryption & hashes. After taking a brief interval, we caught-up with cryptographic updates in the latest Java version. Skip […]

Dangers of Only Scanning First-Party Code

When it comes to securing your applications, it???s not unusual to only consider the risks from your first-party code. But if you???re solely considering your own code, then your attack surface is likely bigger than you think. Our recent State of Software Security report found that 97 percent of the typical Java application is made […]

Next Page »