In order to understand the many potential cyberattacks that threaten you and your organization, we turn to MITRE’s Common Weakness Enumeration (CWE) database as a key first step.
Compartmentalization is one of the seven layers in the cybersecurity stack. It works by separating data and software on a processor into different compartments to effectively limit the scope of damage of potential cyberattacks only to the...
In January 2021, a major buffer overflow vulnerability, impacting a large chunk of the Linux ecosystem, was discovered in the sudo application by security auditing firm, Qualys. The vulnerability, known widely as “Baron Samedit,” received a CVE...
It wasn’t too long ago that we wrote a roundup of the severe buffer overflow vulnerabilities discovered in the just the first quarter of 2021, but the all-too-common bug has made the news yet again.
Solving the problem of how to prevent cyberattacks has been a priority even before the first internet-born cyberattack, the Morris Worm. It was a buffer overflow attack that spread rapidly and became a viral denial of service attack and it was...
It is often difficult to evaluate the current offerings of cybersecurity products against the needs of a particular software-intensive, safety-critical platform. One reason for this is the collection of grand but unsubstantiated claims of...
SolarWinds first made headlines in December 2020, but nearly six months later, more information about the attack continues to come to light. From the execution method to the implications for securing the software supply chain—we’ve learned many...
As information about the SolarWinds attack continues to come to light, a new focus is being placed on the software supply chain and the cybersecurity risks it poses. The frequency and popularity of software supply chain attacks (also known as...
Months after being discovered, the world is still abuzz with talk of the SolarWinds attack. In all likelihood, we’ll still be talking about it for years to come. SolarWinds was unprecedented in its target and scope. It also highlights a new and...
A private 5G network is a wireless Local Area Network (LAN) that licenses 5G technologies inaccessible to the public. For organizations that are ready to take advantage of 5G technology, the option of a private 5G network is particularly...