» Blog

According to F5’s The State of the State of Application Exploits in Security Incidents report, web application attacks were the leading incident pattern among data breaches for six of the last eight years. Meanwhile, the number of new vulnerabilities discovered each year continues to rise, making it difficult for security teams to effectively keep up,…

In 2021, there were more than 20,000 common vulnerabilities and exposures (CVEs) added to the MITRE database. This number of annually reported vulnerabilities has been gradually climbing since the database’s creation in 1999, with a significant increase in volume over the last five years. As a result, it’s now become impossible for security teams to…

Context On June 28, 2022, ReversingLABS researchers reported a phishing campaign using malicious Microsoft Office files to distribute the new 2.0 version of the AstraLocker ransomware. Researchers assess that the threat actors behind the campaign likely obtained the AstraLocker 2.0 code from the Babuk leak in September of 2021, based on shared code and campaign…

A vulnerability is a flaw or weakness in a system that, if exploited, would allow a user to gain unauthorized access to conduct an attack. Vulnerability management is the process of identifying, prioritizing, and remediating these vulnerabilities to reduce an organization’s overall risk. Prioritization of vulnerabilities is essential because not all vulnerabilities are going to…

Context On June 28, 2022, Palo Alto Unit 42 researchers reported technical details and a proof of concept (PoC) exploit code for CVE-2022-30137, which they have designated FabricScape. CVE-2022-30137 is rated at 6.7 or medium severity, and affects Microsoft Service Fabric. Service Fabric is commonly used with Azure and hosts over one million applications daily. Microsoft released a patch…