article thumbnail

Safeguarding your digital ecosystem: effective strategies to detect and mitigate API abuse

CIO

Strategy 1: Implement strong authentication and authorization mechanisms Enforcing robust authentication and authorization mechanisms is a fundamental step in preventing API abuse. This article explores effective strategies that empower organizations to safeguard their systems and valuable data.

Strategy 246
article thumbnail

CVE-2020-12271: Zero-Day SQL Injection Vulnerability in Sophos XG Firewall Exploited in the Wild

Tenable

Sophos pushes a hotfix to address a SQL injection vulnerability in Sophos XG Firewall that was exploited in the wild. On April 22, Sophos published a knowledge base entry on the Sophos Community regarding the discovery of a zero-day vulnerability in the Sophos XG Firewall that was exploited in the wild. Background. Proof of concept.

Firewall 101
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How to minimize remote access cyber security threats in 2024

CIO

These companies heavily rely on remote access services, which can be a significant attack vector due to insecure servers, inadequate security protocols, cloud misconfigurations, exposure of security infrastructure (such as routers and firewalls), and more. Change your vulnerability mindset to identify legacy vulnerability management systems.

article thumbnail

Modern Network Security: How Technology and Smart Practices are Reducing Risk

CIO

With the shift to hybrid work, data, applications, intellectual property, and personal information is no longer stashed safely behind a corporate firewall. In this webcast, we’ll explore: The current trending threats facing networks, like authentication vulnerabilities, malware, phishing, and denial of service attacks.

Network 245
article thumbnail

CVE-2023-38035: Ivanti Sentry API Authentication Bypass Zero-Day Exploited in the Wild

Tenable

CVE Description CVSSv3 Severity CVE-2023-38035 Ivanti Sentry API Authentication Bypass Vulnerability 9.8 Analysis CVE-2023-38035 is an authentication bypass vulnerability in the MobileIron Configuration Service (MICS) Admin Portal of the Ivanti Sentry System Manager. We strongly recommend upgrading as soon as possible.

article thumbnail

Four questions for a casino InfoSec director

CIO

As learned from recent cyberattacks, user education has become a critical component to protecting against these threats as well.

article thumbnail

A CISO POV: Securing AI in your company

CIO

Firewall capability for AI security: Enhance security measures by providing firewall capabilities to safeguard against potential AI-related vulnerabilities. We all know that well-intended workers will figure out how to use it without going through the corporate firewalls. Embrace AI—it’s here!