SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

CVE Research
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates addressing critical, high, and medium severity vulnerabilities in twelve different Cisco products. Advisories released for Cisco Policy Suite and Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) are...

CVE Research
Vulnerability Management Program Metrics: How do you Measure its Success?
The Ponemon Institute notes that around 60% of breaches could have been easily avoided if organizations had included vulnerability management software to protect devices. Thousands of vulnerabilities in the cybersecurity space are discovered every year. Even a small failure to discover vulnerabilities...

CVE Research
Google Chrome Zero-Days Under Active Exploitation
Google has released a security advisory for its Chrome users on Windows, Mac, and Linux, addressing seven security vulnerabilities. This release covers two very critical zero-days exploited in the wild. These Google Chrome security vulnerabilities are tracked as CVE-20...

CVE Research
Scan Vulnerabilities In Less Than 5 Minutes! Faster Than Your Coffee Brews.
Who doesn’t love the smell of freshly brewed coffee? There is no better aroma that keeps me up than the smell of freshly brewed coffee. After pondering over my day-to-day tasks, a cup of coffee brings my sanity back and keeps my energy up. This 5-minute brewing time allows me to catch up with my col...

CVE Research
Adobe Critical Security Updates October 2021
Adobe has released its October 2021 security updates, providing fixes for 66 critical vulnerabilities in Adobe After Effects, Premiere Pro, Photoshop, etc. A total of 92 security vulnerabilities have been patched in this release. Most of these detected vulnerabilities could lead t...

CVE Research
Pile of Vulnerabilities Haunting You? Learn How Brad & Smith Mastered Vulnerability Management Use Cases
Brad and Smith are security administrators of an enterprise with 2000 devices. One of their prime responsibilities is to manage vulnerabilities in their network. With only two people at work and 2000 devices spread across multiple remote locations, both Brad and Smith had a hard time. Brad takes up ...

CVE Research
Discourse Patches Critical Remote Code Execution Vulnerability
Discourse is one of the most popular open-source community forum and mailing list management software applications. A critical code execution vulnerability (CVE-2021-41163) identified in Discourse allows an attacker to execute arbitrary code on the affected system. This vulnerability recognizes wi...

CVE Research
What Is The Difference Between Vulnerability Management And Risk-Based Vulnerability Management?
Vulnerabilities are increasing rapidly, and attackers are on the lookout for more sophisticated ways to exploit them. On top of this, the security landscape is also changing, continuously adding to the burden on security teams. With rising vulnerabilities and evolving security la...

CVE Research
Oracle Critical Security Updates October 2021
Oracle's Critical Updates for October 2021 release 419 new security patches for various product families, including Oracle MySQL, Oracle Java SE, Oracle Essbase, Database Server, Oracle GoldenGate, etc. This advisory covers multiple products that are prone to many vulnerabilities. ...
