Day: November 2, 2022

Enterprise Vulnerabilities

VMware patches critical authorization bypass vulnerability in Spring Security

A critical authorization rules bypass vulnerability exists in Spring Security versions 5.7.0 to 5.7.4 and versions 5.6.0 to 5.6.8. The vulnerability gives attackers a way to potentially bypass an API gateway and access backend services with a simple “forward” [299 words]. What: VMware released Spring Security 5.6.9 and 5.7.5 on October 31 to fix the […]

Read More

Two new mobile malware threats that researchers are keeping an eye on

Organizations that have BYOD policies need to make sure personally owned mobile devices don’t offer a path into their apps and network, for attackers [277 words]. Here are the two threats Malicious mobile apps on Google Play distributing ads/phishing link serving malware A software developer with the name Mobile apps Group has published a family […]

Read More