Patch/Configuration Management

Jay Jacobs Co-Founder and Data Scientist and Wade Baker Co-Founder; Data Storyteller from The Cyentia Institute come on the show to talk about The Exploit Prediction Scoring System (EPSS). This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

The vulnerability arose from the incorrect application of XPath evaluation and could be leveraged to facilitate remote code execution across all GeoServer implementations.

Researchers with Cloudflare say a newly disclosed vulnerability comes under attack every 22 minutes on average.

While Microsoft dubbed the flaw as a high-severity spoofing bug, such an issue was disclosed by ZDI to be a remote code execution vulnerability that requires a higher severity rating.

Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News.

CVE-2024-6385, like another bug patched last month, could allow attackers to run pipelines as any user.

Microsoft’s notorious Internet Explorer has been brought out of retirement by threat actors using its security holes to serve malware.

Akamai researchers say its honeypots found numerous attempts to exploit recently disclosed vulnerability.