Learn Search

Search across all Learn content

SecPod Labs

Security Research

In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

Juniper Networks Rolls Out Essential Security Patch for Router Flaw: CVE-2024-2973

CVE Research

Juniper Networks Rolls Out Essential Security Patch for Router Flaw: CVE-2024-2973

Juniper Networks has issued an out-of-band security update to address a critical flaw that poses a significant security risk to its routers. The vulnerability CVE-2024-2973, boasts a CVSS score of 10.0, marking it as exceptionally severe.

Jul 03, 2024 • 3 min read

Managing CISA Known Exploitable Vulnerabilities (KEVs) and Enhancing Cyber Resilience using Saner CVEM

CVE Research

Managing CISA Known Exploitable Vulnerabilities (KEVs) and Enhancing Cyber Resilience using Saner CVEM

Vulnerabilities and exploits are strange bedfellows. While vulnerabilities are unintended and often unavoidable, exploits are deliberately created to feast on these vulnerabilities.

Jul 01, 2024 • 9 min read

New MOVEit Transfer Vulnerability Under Attack – Urgent Patch Required

CVE Research

New MOVEit Transfer Vulnerability Under Attack – Urgent Patch Required

A critical security vulnerability in Progress Software’s MOVEit  Transfer has been discovered and is known to be under active exploitation. The flaw, identified as CVE-2024-5806, has a CVSS score of 9.1 and involves an authentication bypass affecting several versions of MOVEit Transfer.

Jun 27, 2024 • 2 min read

Cyber Risk Exposure: Protecting Your Digital Space

CVE Research

Cyber Risk Exposure: Protecting Your Digital Space

In July 2021, Kaseya, a software company, experience a cyberattack that affected up to 1,500 businesses worldwide. This ransomware attack disrupted operations, caused financial losses, and highlighted the critical importance of cyber risk exposure. But what exactly is cyber risk exposure, and why sh...

Jun 27, 2024 • 4 min read

Story of Cyberattack: ProxyLogon

CVE Research

Story of Cyberattack: ProxyLogon

In this episode of “Story behind a cyberattack”, let’s talk about a cyberattack that shook the cybersecurity landscape in 2021. The attack that exposed the potential risks of unpatched systems and highlighted the important of cybersecurity practices. Approximately, 60,000 organizations have been com...

Jun 27, 2024 • 6 min read

Overcoming the Myths of Vulnerability Management with CVEM

CVE Research

Overcoming the Myths of Vulnerability Management with CVEM

In recent times, there’s been a huge buzz about the increasing popularity of Continuous Threat and Exposure Management (CTEM).

Jun 27, 2024 • 4 min read

EP 1: Story of Cyberattack Log4j

CVE Research

EP 1: Story of Cyberattack Log4j

In our very first episode of “Story Behind a Cyberattack,” we are bringing in the most critical vulnerability that hampered the security posture of almost every enterprise– Log4j

Jun 20, 2024 • 3 min read

Google Chrome 126 Update Resolves Critical Security Vulnerabilities!

CVE Research

Google Chrome 126 Update Resolves Critical Security Vulnerabilities!

Google has released Chrome 126, which addresses several high-severity vulnerabilities, including a notable flaw demonstrated at the TyphoonPWN 2024 hacking competition. This update is essential for maintaining the security and integrity of the widely-used web browser.

Jun 19, 2024 • 2 min read

Critical Vulnerabilities Found in VMware vCenter Server and Cloud Foundation

CVE Research

Critical Vulnerabilities Found in VMware vCenter Server and Cloud Foundation

A recent surge of critical remote code execution (RCE) vulnerabilities has been discovered in VMware vCenter Server and Cloud Foundation products. These vulnerabilities can be triggered by remote attackers who craft and send specific network packets to the vCenter Server via the DCERPC protocol. Suc...

Jun 18, 2024 • 2 min read