Security

A primer on the types of cybersecurity vulnerabilities organizations face

Vulnerabilities are everywhere in the cyber systems on which enterprises rely for, well, everything. The need for an effective vulnerability risk service has never been higher. The number of cybersecurity vulnerabilities grows along with the number of cyber systems and users, significantly increasing the attack surfaces of corporate network infrastructures. Organizations need a vulnerability

Types of Application Security Testing: Definitions and Differences

Aggregating the findings of AST tools delivers a holistic, app-centric approach to security. It may be cliche, but almost every company today is an application development company. And the increasing number of security breaches and sophisticated threats are driving the application security testing (AST) market. Compliance regulations, the move to remote work, and the

CVE-2022-42889 Text4Shell

On 2022-10-13, the Apache Security Team disclosed a critical vulnerability, CVE-2022-42889, affecting the popular Apache Commons Text library. This vulnerability is popularly named “Text4Shell” and, when exploited, can allow an unauthenticated attacker to execute arbitrary code on the vulnerable asset. A CVSSv3 score of 9.8/10 is assigned to this vulnerability. Apache Common Text

CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows

Brinqa has investigated the impact of the X.509 Email Address Buffer Overflows vulnerabilities as reported by openssl.org. CVE-2022-3602 was reported privately to OpenSSL on 17th October 2022 by Polar Bear, who was performing an audit of OpenSSL code. Subsequent analysis of that issue on 18th October 2022 by Viktor Dukhovni identified a second independently triggerable
