SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
Patch Management vs Vulnerability Management: Understand the Difference
To keep up with increasingly cunning hackers and safeguard your network, you need to detect risks and patch them. So, to protect your network, you need vulnerability and patch management to do the dirty work. Vulnerability management tool detects security risks, and patch management tool remediates ...
CVE Research
FreeBSD Issues Critical Patch for Severe OpenSSH Vulnerability
The maintainers of the FreeBSD Project have issued an urgent security update to address a high-severity vulnerability in OpenSSH. This flaw could allow attackers to remotely execute arbitrary code with elevated privileges, posing a serious risk to systems running the affected versions of FreeBSD.
CVE Research
In-depth Understanding of the Terms CVE vs CVSS
In cybersecurity, the terms CVE vs CVSS often create confusion for those trying to understand vulnerabilities and their severity. While they are definitely related, they serve distinct purposes in the process of assessing and prioritizing risks. Remediating such risks is simpler with a patch managem...
CVE Research
Critical Apache OFBiz Flaw Makes Waves Worldwide
Apache just patched a critical vulnerability (christened CVE-2024-38856) in OFBiz, their open-source ERP system. Discovered by SonicWall Capture Labs, this pre-authentication remote code execution flaw has a CVSS score of 9.8 and involves the exposure of critical endpoints to unauthenticated threat ...
CVE Research
The Art of Automating Vulnerability Management: The How and the Best Practices
Scale. One word we can use to define the cybersecurity world over the past few decades. Networks and devices in them have scaled up and so have the number of security risks in them. As a result, the number of cyberattacks has scaled up, too! With this gigantic increase, traditional vulnerability man...
CVE Research
Apple Security Updates in July 2024
Apple just rolled out its latest security updates for various products in the Apple Security Updates in July 2024. This new update promises to strengthen the security of Apple devices and address several critical vulnerabilities. Here’s a closer look at what these updates entail and why you should i...
CVE Research
The Story of Cyberattack – CISCO Breach
The technology company Cisco was hacked by a group called the Ynalouwang Ransomware Group in 2022. This breach showed that even big companies have weak spots in their security. In this blog, you will get to know who hacked, how , what’s the breach’s impact, and how SanerNow prevents such cyberattack...
