SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
Microsoft April’s 2022 Patch Tuesday Addresses 119 Vulnerabilities Including 2 Zero-Days
Microsoft has released April’s 2022 Patch Tuesday security updates for 119 detected vulnerabilities, including two zero-days and nine being rated as critical. Moreover, the products covered in April’s 2022 patch Tuesday security update include Windows User Profile Service, Windows Common Log File Sy...
CVE Research
Critical Alert: Spring Core(SpringShell) Remote Code Execution Vulnerability Exploited In The Wild
The Spring Framework is an application framework and inversion of the control container for the Java platform developed by VMware. Detected vulnerability with CVE-2022-22965 affects Spring Core and allows an attacker to send a specially crafted HTTP request to bypass protections in the library’s HTT...
CVE Research
Apple Addressed High Severity Flaws in macOS, iOS – Patch Now
Apple April 2022 Security Update, two high severity zero-day flaws tracked as “CVE-2022-22674” and “CVE-2022-22675” have been reported in Apple macOS and iOS. Apple has released patches for these two zero-day CVEs affecting macOS and iOS. A critical vulnerability is, therefore, present in Apple macO...
CVE Research
SanerNow’s Role in Strengthening Compliance Posture
Millions of people are robbed of personal data like their credentials, social security numbers, bank account-credit card details, among others, on social media. These can be stopped by using a vulnerability management tool. Cybercriminals are engaged in their thieving escapade to impersonate people ...
CVE Research
Lapsus$ Extortion Group: Large Tech Companies Suffer from Teen Attacks!
With cybersecurity threats on the rise, attackers use more sophisticated techniques to steal sensitive information. From small companies to large businesses, every tech company can be victim of cyber-attacks. Vulnerability Management System can prevent these attacks.
CVE Research
Adopt Enterprise Vulnerability Management Program to Survive in the Age of Advanced Cyberthreats
Today, many enterprises need cybersecurity solutions to deal with the growing IT security threats. Cyberattacks like ransomware are escalating the importance of vulnerability assessment, prioritization, and instant remediation for small, medium, and large-sized enterprises. Cyberhygiene measures con...
CVE Research
Pandora Ransomware Hits Toyota’s Automotive Supplier Denso
A Pandora ransomware attack targeted Denso Corp, a supplier of Toyota Motor Corporation. The confirmation came after the Pandora Ransomware group leaked the stolen data and claimed responsibility. However, the attack has not resulted in any disruption in Denso’s operations. This is why it is essenti...
CVE Research
Vulnerability Assessment Report: An Essential Step For Better Vulnerability Management
Once the vulnerability assessment process is completed, security teams generate bulky reports for further analysis. Though these reports are detailed and covered with all the information, security teams find it hard to read them. Hence, they lag in drawing clear insights from these reports. Ultimate...