SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
Top Exposure Management Solutions for Enterprises in 2024!
In a world where cyberattacks are evolving faster than humans are able to detect and respond to threats, dealing with these attacks and finding effective tools to do so is crucial. Vulnerability management tools that help us safeguard our IT infrastructure are a necessity.
CVE Research
Microsoft’s April 2024 Patch Tuesday: A Record-Breaking Month for Security Fixes
Microsoft’s April 2024 Patch Tuesday wasn’t your average update day. While a record number of vulnerabilities were addressed (149), a unique aspect emerged – three critical vulnerabilities resided within a single product: Microsoft Defender for IoT. This blog post dives into these critical defenders...
Insights into Cybersecurity Trends: Staying Ahead in a Changing Landscape
CVE Research
Insights into Cybersecurity Trends: Staying Ahead in a Changing Landscape
The world of cybersecurity is like a wild jungle – always changing and sometimes dangerous! Hackers and cybercriminals are always searching for new ways to exploit vulnerabilities and access our sensitive information. Staying ahead in this dynamic landscape requires understanding the latest threats ...
CVE Research
Is Vulnerability Mitigation Just Patching? Or Patching and Beyond
The biggest reason for cyberattacks has been vulnerabilities. However, the trend has slowly changed, with threat actors using different methods and security risks to enter your network. Research suggests that 31% of cyberattacks were due to security risks such as misconfigurations, posture anomalies...
CVE Research
Fortinet Fixes Actively Exploited FORTICLIENT EMS Flaw Allowing Unauthorised Code Execution
Fortinet has issued an advisory warning about a new critical vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS) software. This flaw, identified as CVE-2023-48788, has been assigned a severity score of 9.3 on the CVSS scale, underlining its potential for serious impact. Horizo...
CVE Research
What are Security Controls? Everything You Need to Know
What were the biggest culprits and causes of cyberattacks in the past few years? CVE or software vulnerabilities are the usual suspects, but other security risks being exploited are on the rise and vulnerability management tools are struggling to keep up. It is a trend you must be observing too. The...
CVE Research
Microsoft Fixes 60 Vulnerabilities, 2 Rated Critical, in March 2024 Patch Tuesday
It’s been a calm year so far for patches! January saw no zero days, February only saw two, and March has brought us another month with zero zero days, so to speak. Microsoft’s Patch Tuesday states that out of the 60 flaws found, two are critical, and none were previously disclosed or actively exploi...
CVE Research
Strategic Server Patch Management to Safeguard Your IT Landscape
Consider this scenario: many vulnerabilities that don’t have a patch are present in the servers and get wildly exploited. These vulnerabilities will act as an open door to hackers, inviting them to have complete control over organizational information. To prevent this situation, an organization sho...
CVE Research
VMWare Catches New Critical ESXi Sandbox Escape Bugs
VMWare’s latest advisory reveals four new vulnerabilities affecting its ESXi, Workstation, Fusion, and Cloud Foundation products. Each vulnerability has been patched, with support even being extended for end-of-life products – an unusual but vital decision for this unprecedented situation.