登录查看更多内容

Pay Attention to Web Frameworks While we Maintain Social Distance. Don't Let Adversaries Take Advantage of Known Weaponized Vulnerabilities

Srinivas Mukkamala

Founder - CEO | Chief Product Officer | Board Member | Advisor | Investor

发布日期: 2020年3月20日

+ 关注

WordPress and Apache are the most weaponized and exploitable web and application frameworks.

https://threatpost.com/wordpress-apache-struts-most-bug-exploits/153927/

https://portswigger.net/daily-swig/vulnerabilities-in-web-and-app-frameworks-fall-but-weaponization-rate-jumps-study

https://www.zdnet.com/article/wordpress-and-apache-struts-account-for-55-of-all-weaponized-vulnerabilities/

Stephen Welsh

MBA, C/CISO, PMP, AI, CEH, 6-Sigma Blackbelt, CISM, CISA, CRISC, CGEIT, Azure, GCP, AWS, cloud migration.

5 年

Well said Srinivas.

查看更多评论

要查看或添加评论，请登录

Srinivas Mukkamala的更多文章

Why Your App Control Strategy Needs a Reboot Now

2024年10月22日

Why Your App Control Strategy Needs a Reboot Now

Your organization's digital ecosystem is expanding faster than you can track. That’s not a slight; it’s reality — for…

2 条评论
How to Make Security Invisible — Yet More Effective Than Ever

2024年10月1日

How to Make Security Invisible — Yet More Effective Than Ever

How many times have you postponed a software update because you were in the middle of something important? Or used a…
Want to Drive Data-Driven Decisions? Focus on Your Data Fabric.

2024年8月13日

Want to Drive Data-Driven Decisions? Focus on Your Data Fabric.

Organizations are flooded with data more than ever before - but for most IT and security teams, what should be a…

1 条评论
The AI/Cyber Debate Is Missing the Point: What Every Business Leader Needs to Know Right Now

2024年5月23日

The AI/Cyber Debate Is Missing the Point: What Every Business Leader Needs to Know Right Now

The infusion of AI into cybersecurity is a double-edged sword. On the one hand, this incredible technology has the…

1 条评论
Shrink your attack surface without stunting your growth

2024年4月11日

Shrink your attack surface without stunting your growth

External Attack Surface Management (EASM) is a topic that keeps IT and security specialists awake at night. It’s such a…

4 条评论
The Results Are In! Announcing Ivanti’s Technology Alliance Partner Awards

2024年4月9日

The Results Are In! Announcing Ivanti’s Technology Alliance Partner Awards

I’m a big believer in strength in numbers. I can parse that philosophy multiple ways, and it still fits.

1 条评论
Leveling up: Ivanti announces major updates to the Ivanti Neurons Platform for Q4

2023年10月24日

Leveling up: Ivanti announces major updates to the Ivanti Neurons Platform for Q4

In the spirit of Cybersecurity Awareness Month, I'm excited to share that Ivanti, the tech company that elevates and…
Title: The Entrepreneurial Spirit is Essential to Growth

2023年9月27日

Title: The Entrepreneurial Spirit is Essential to Growth

Innovation, knowledge sharing, and collaboration are core to who we are at Ivanti. Recently, we brought together…

11 条评论
BlueKeep (CVE-2019-0708): From Rumor to Reality

2019年9月8日

BlueKeep (CVE-2019-0708): From Rumor to Reality

https://risksense.com/bluekeep-cve-2019-0708-from-rumor-to-reality/

2 条评论
Proud of Sean and RiskSense team to be one of the first to dig deep and provide details on Shadow Brokers.

2017年5月14日

Proud of Sean and RiskSense team to be one of the first to dig deep and provide details on Shadow Brokers.

https://github.com/rapid7/metasploit-framework/pull/8167 https://www.

See all articles

Pay Attention to Web Frameworks While we Maintain Social Distance. Don't Let Adversaries Take Advantage of Known Weaponized Vulnerabilities

Srinivas Mukkamala

Founder - CEO | Chief Product Officer | Board Member | Advisor | Investor

Srinivas Mukkamala的更多文章

社区洞察

其他会员也浏览了

Finding and Reporting Your First Reflected XSS: From A-Z

All In One (TryHackMe) CTF

Cat Pictures - Writeup (TryHackMe)

What Firefox extensions do I use

ESLint backdoor: what it is and how to fix the issue

See two perspectives to the Same Same Origin Policy question with answers from Google Gemini and ClaudeAI

Loki In Brazil - Payloads / Miners And an Awesome Purple Team

Internet Browser Forensics with Autopsy

HUNTING FOR XSS (full guide)

Hackers Exploit A Critical Google Chrome And Microsoft Edge Vulnerability, Update Now To Fix It

Srinivas Mukkamala的更多文章

Why Your App Control Strategy Needs a Reboot Now

How to Make Security Invisible — Yet More Effective Than Ever

Want to Drive Data-Driven Decisions? Focus on Your Data Fabric.

The AI/Cyber Debate Is Missing the Point: What Every Business Leader Needs to Know Right Now

Shrink your attack surface without stunting your growth

The Results Are In! Announcing Ivanti’s Technology Alliance Partner Awards

Leveling up: Ivanti announces major updates to the Ivanti Neurons Platform for Q4

Title: The Entrepreneurial Spirit is Essential to Growth

BlueKeep (CVE-2019-0708): From Rumor to Reality

Proud of Sean and RiskSense team to be one of the first to dig deep and provide details on Shadow Brokers.

社区洞察

其他会员也浏览了

Finding and Reporting Your First Reflected XSS: From A-Z

All In One (TryHackMe) CTF

Cat Pictures - Writeup (TryHackMe)

What Firefox extensions do I use

ESLint backdoor: what it is and how to fix the issue

See two perspectives to the Same Same Origin Policy question with answers from Google Gemini and ClaudeAI

Loki In Brazil - Payloads / Miners And an Awesome Purple Team

Internet Browser Forensics with Autopsy

HUNTING FOR XSS (full guide)

Hackers Exploit A Critical Google Chrome And Microsoft Edge Vulnerability, Update Now To Fix It