Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass

The CVE-2021-25735 medium-level vulnerability has been found in Kubernetes kube-apiserver that could bypass a Validating Admission Webhook and allow unauthorised node updates. The kube-apiserver affected are: You are only affected by this vulnerability if both of the following conditions are valid: By exploiting the vulnerability, adversaries could bypass the Validating Admission Webhook checks and allow update actions on Kubernetes nodes.


Practical Steps for Fixing Flaws and Creating Fewer Vulnerabilities

All security flaws should be fixed, right? In an ideal world, yes, all security flaws should be fixed as soon as they’re discovered. But for most organizations, fixing all security flaws isn’t feasible. A practical step your organization can – and should – take is to prioritize which flaws should be fixed first.


Are You Targeting These Risky Red Zone Vulnerabilities?

Modern software development is full of security risk. Factors like lingering security debt, insecure open source libraries, and irregular scanning cadences can all impact how many flaws dawdle in your code, leading to higher rates of dangerous bugs in susceptible and popular languages.

Kubernetes Quick Hits: Use SecurityContext to run containers with a read-only filesystem

In this episode of our Kubernetes Quick Hits video series, Eric Smalling–Sr. In less than four minutes, you’ll learn how to use the readOnlyRootFilesystem control to keep your containers immutable and safe from modification by hackers and misbehaving code. Snyk helps software-driven businesses develop fast and stay secure. In addition to container security scans, Snyk can continuously monitor to find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

How to prevent OWASP API Top 10 security vulnerabilities? API attack prevention

Broken object level authorization Broken user authentication Excessive data exposure Lack of resources and rate limiting Broken function level authorization Mass assignment Security misconfiguration Injection Improper assets management Insufficient logging and monitoring Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.

How to Future Proof Your System Against a Zero Day Exploit

Earlier this year, Kaspersky researchers discovered a zero day exploit hidden in Desktop Windows Manager. The exploit, designated as CVE-2021-28310, is known as an escalation of privilege (EoP) exploit, which allows attackers to gain access or a higher-level user permission to systems and platforms than an administrator would permit. Though patches have since been released, it’s not yet known how extensive the damage from this zero day exploit is yet.


Streamlining Vulnerability Management with Splunk Phantom

Vulnerabilities are weaknesses in the security infrastructure that bad actors can exploit to gain unauthorized access to a private network. It is nearly impossible for security analysts to patch 100% of the vulnerabilities identified on any given day, but a vulnerability management plan can ensure that the highest risk vulnerabilities (those that are most likely to cause a data breach), will be addressed immediately.

The Ultimate Guide To OWASP Security Checks for Web and Mobile Apps

When you are looking for genuine, inexpensive unbiased information to make your application secure, there is no better source to go to than OWASP. OWASP gives you guidelines to the industry's top threats and security best practices that help ensure your applications are secured. Take a look at this FREE OWASP Guide that covers vulnerabilities from both web and mobile to give you a comprehensive overview of your application's security status.

Urgent: 5 CVEs being exploited right now by SVR

The mastermind that orchestrated the SolarWinds attack may finally have a name. On Thursday, April 15th, the White House officially announced that the Russian Foreign Intelligence Service (SVR) - also known as APT 29, Cozy Bear, and The Dukes - was responsible for the campaign that exploited the SolarWinds Orion platform. But the attacks are not over yet. A joint advisory from the U.S.

Featured Post

4 ways Security and DevOps can collaborate to reduce application vulnerabilities

Today's organisations are operating in a digital landscape filled with complexities and vulnerabilities. Increasingly, the applications and technologies businesses use to facilitate crucial business operations and connect people are at the mercy of cybercriminals - who are eager to attack from the shadows exploiting and stealing sensitive information held within these everyday applications. As such, security and DevOps teams need a collaborative approach to address and triage application vulnerabilities that continually present themselves - despite each team having different overall objectives.