Skip to content

AppSec Observer: vulnerabilities (4)

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Subscribe Now
    Topics
    Apache Struts CVE-2019-0230 Vulnerabilities and How to Block Attacks

    Apache Struts CVE-2019-0230 Vulnerabilities and How to Block Attacks

    Note: Special thanks to Alvaro Muñoz (https://twitter.com/pwntester) for correcting us on some very important technical..

    social-media-role-discovering-vulnerabilities

    What Role Should Social Media Play in Discovering Vulnerabilities?

    New research from the Pacific Northwest National Laboratory (PNNL) Data Sciences and Analytics Group shows that 25% of..

    cyberattacks-applications-grow-exponentially

    Cyberattacks on Applications Grow Exponentially, Pose Serious Risk

    The need for digital engagement with customers, partners, and employees has never been greater than it is today. Most..

    Application Security Risk Is 1.7x Higher for Organizations That Fail to Manage Security Debt

    Application Security Risk Is 1.7x Higher for Organizations That Fail to Manage Security Debt

    Analyzing data captured from June 2019 to May 2020, Contrast Labs found that applications experienced over 13,000..

    Assessing API Security Risks, Plotting a Solution

    Assessing API Security Risks, Plotting a Solution

    Application programming interfaces (APIs) are increasingly opening paths to vulnerabilities further down in application..

    Remote Code Execution Deserialization Vulnerability Blocked by Contrast

    Remote Code Execution Deserialization Vulnerability Blocked by Contrast

    On May 20, 2020, the National Vulnerability Database (NVD) published a new CVE—CVE-2020-9484. The vulnerability..

    Open-Source Python Salt CVEs and the Cisco Server Breach

    Open-Source Python Salt CVEs and the Cisco Server Breach

    Hackers recently exploited two critical vulnerabilities (CVEs) in SaltStack’s "Salt" management framework in order to..

    Contrast Labs: Mapping Risk Profiles for Select OWASP Top 10 Vulnerabilities to Understand Their AppSec Risk

    Contrast Labs: Mapping Risk Profiles for Select OWASP Top 10 Vulnerabilities to Understand Their AppSec Risk

    At Contrast Security, the Contrast Labs team is charged with numerous things. Part of this charter includes looking at..

    Contrast Labs: CVE-2020-11444: Privilege Escalation Vulnerability in Sonatype Nexus Repository Manager

    Contrast Labs: CVE-2020-11444: Privilege Escalation Vulnerability in Sonatype Nexus Repository Manager

    In this time of COVID-19, social distancing, stay at home, shelter in place, and all the other things that force us to..