Attack technique alert: Vulcan Cyber discovered that AI package hallucination opens developers to malicious attacks | Learn more >>

OWASP top 10 LLM risks: Discover the OWASP top 10 LLM risks for 2023 and the steps we can take to prevent them | Read more >>

CVE-2023-32784 in KeePass: How to fix the KeePass password manager vulnerability | Read more >>

Vulcan Cyber partners with InfoGuard AG to bring complete cyber risk management to DACH region

Vulcan Cyber risk-based vulnerability management solutions for all attack surfaces now available across Switzerland, Germany & Austria

TEL AVIV, Israel, May 29, 2023 – Vulcan Cyber, developers of the cyber risk management platform for infrastructure, application and cloud vulnerabilities, today announced a new partnership with InfoGuard AG, the Swiss expert for cyber security and cyber defence in the…

How to fix CVE-2023-32243 in Elementor Essential Addons

A vulnerability has been discovered in Essential Addons for Elementor, a popular WordPress plugin with over one million active installations. The vulnerability, tracked as CVE-2023-32243, allows an unauthenticated attacker to reset the password of any user on the affected site, effectively granting them administrator privileges. Here’s what we know so far: What is CVE-2023-32243? CVE-2023-32243…

CISA’s KEV additions: Linux under threat?

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently expanded its Known Exploited Vulnerabilities catalog by adding seven more Linux-related vulnerabilities. Interestingly, some of these vulnerabilities aren’t fresh threats; one even traces back to 2010. Despite their age, these vulnerabilities are still being actively exploited, causing significant concerns for federal enterprises. Among the new entries…

“Ideal for an overwhelmed security team” – how Vulcan Cyber mitigates vulnerability risk

This case study was adapted from a TrustRadius review of Vulcan Cyber. You can read it here. A rapidly-growing insurance company needed a solution to help them get a clear picture of vulnerabilities across all cyber attack surfaces to prioritize and mitigate risk. They chose Vulcan Cyber to get the most out of their security…

How to fix CVE-2023-2033 in Google Chrome

Google has released an urgent update to address a zero-day vulnerability actively exploited in its Chrome web browser, identified as CVE-2023-2033. This vulnerability, considered highly severe, has been classified as a type confusion issue in the V8 JavaScript engine. Here’s what you need to know: Does CVE-2023-2033 affect me? The vulnerability affects users of Google…

How to fix CVE-2023-25610 in FortiOS

Fortinet issued an advisory on March 7th regarding CVE-2023-25610, a severe remote code execution (RCE) vulnerability found in its operating system, FortiOS. The flaw, which stems from a buffer underwrite bug in the administrative interface, may enable a malicious remote unauthenticated attacker to execute code through carefully crafted requests. Here’s everything you need to know:…

How to fix CVE-2023-22501 in Jira

On February 1, 2023, Atlassian issued an advisory for CVE-2023-22501, a critical broken authentication vulnerability affecting its Jira Service Management Server and Data Center offerings. Jira Service Management Server and Jira Service Management Data Center are additional features that run on top of Jira Core. Here’s everything you need to know about CVE-2023-22501: What is…

LearnPress vulnerabilities: the importance of updating your plugins

In all likelihood, your site is powered by WordPress, the world’s most popular website content management system. With over 40% of websites relying on this platform, it’s no wonder that it’s the go-to choice for many. One of the biggest draws of WordPress is its ability to extend its functionality through plugins. There are tens…

6 cyber security trends for 2023: what to expect

Charting the future trajectory of cyber security is a tall order. The rapid proliferation of new attack surfaces means more opportunities for threat actors than ever before, and this will only continue as new technologies are introduced. Still, there are some things we can confidently predict for the coming year, given that they are trends…

8 cyber risk trends you should know about in 2022

This blog is an excerpt highlighting just some of the cyber risk trends from the latest report, Cyber risk in 2022: a 360° view, produced together with the Voyager18 team. You can read it here. The cyber threat landscape evolves rapidly. Over the past year, it is safe to say that security breaches, data leaks,…