SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
Automate Vulnerability Scanning to a Daily Routine!
Organizations and individuals mainly rely on technology for various aspects of their daily lives. As cyber threats are expanding, organizations must constantly stay alert to protect their digital assets and data. Vulnerability scanning is the process of going through your IT infrastructure to detect...
CVE Research
Microsoft’s December 2023 Patch Tuesday Fixes 34 Vulnerabilities, Including 1 Zero Days!
Microsoft addressed 34 security flaws in its December 2023 Patch Tuesday, including one previously known vulnerability in AMD CPUs. While eight of these vulnerabilities were classified as remote code execution (RCE), only three were considered critical by Microsoft. In total, four vulnerabilities we...
CVE Research
Critical RCE Flaw Discovered In Confluence: CVE-2023-22522
A new remote code execution vulnerability has been found in Confluence Data Center and Server. CVE-2023-22522, exploited using template injection, allows authenticated attackers (including those with anonymous access) to inject malicious user input into Confluence pages. What’s more, this vulnerabil...
CVE Research
Combating Inactive, Guest Users & Anonymous logins with SanerNow
Inactive and guest users in your network are more dangerous than you think. Accounts left alone unused for a long time, and guest users created for one-off logins are high-priority targets for cyber-attackers who exploit these accounts to get inside your network.
CVE Research
Google Fixes Chrome’s Sixth Zero-day Vulnerability in 2023
In response to ongoing attacks exploiting a security vulnerability, Google released a security patch on 28th November, effectively addressing the sixth zero-day flaw in the Chrome browser this year. The company has officially acknowledged the existence of an exploit for the identified security flaw,...
CVE Research
Microsoft’s November 2023 Patch Tuesday Fixes 75 Vulnerabilities, Including 5 Zero Days
This Patch Tuesday November 2023, Microsoft fixed 75 vulnerabilities, with three rated as critical and 57 rated as important. Elevation of Privilege and Remote Code Execution vulnerabilities are tied for the most common categories at 17 each, with one in each category being critical. The third criti...
CVE Research
Cracking the Code: Understanding Why Organizations Can’t Ignore Vulnerability Prioritization
In today’s world, organizations constantly face cyber threats and vulnerabilities that can compromise their sensitive data, disrupt operations, and damage their reputations. The biggest challenge for IT Security Teams is to handle the mountainous volumes of vulnerabilities being detected by vulnerab...