securityboulevard.com
2606:4700:10::6816:39c  Public Scan

Submitted URL: https://t.co/IyQnKPIZq6
Effective URL: https://securityboulevard.com/2022/05/security-advisory-regarding-follina/?utm_source=dlvr.it&utm_medium=twitter
Submission: On June 01 via api from US — Scanned from DE


Text Content


SECURITY ADVISORY REGARDING FOLLINA

by Rob Hooven on May 31, 2022


CVE-2022-30190 (FOLLINA) DETAILS

Hurricane Labs is aware of the recent CVE-2022-30190 / Follina zero-day. Follina
is a remote code execution vulnerability that exists when MSDT (the Microsoft
Support Diagnostic Tool) is called using the URL protocol from a calling
application such as Word.

An attacker who successfully exploits this vulnerability can run arbitrary code
with the privileges of the calling application. The attacker can then install
programs, view, change, or delete data, or create new accounts in the context
allowed by the user’s rights. 




AFFECTED PRODUCTS

Microsoft Word / Office & Windows (all versions) 


KNOWN ATTACK VECTORS

The known attack vectors include documents and attachments that are opened in
preview windows or full-application suites that have the MSDT URL protocol
enabled. This includes attachments sent in Outlook in Word or Rich Text
Format, which can trigger the URL protocol for no-click execution of the remote
code. Microsoft Word’s remote template feature is leveraged to retrieve an HTML
file from a remote web server, which then triggers the ms-msdt MSProtocol URI
scheme to load code and execute PowerShell commands.


SHOULD I BE CONCERNED?

This remote code execution vulnerability is certainly concerning, and the
available mitigations listed below should be applied as appropriate in your
environment. Because the attack vector requires no actual user interaction other
than previewing an email or attachment, anyone is vulnerable.


DETECTION AND MITIGATION

For workarounds as well as detection and protections, refer to the Guidance for
CVE-2022-30190 post by Microsoft Security Response Center.

For details on how to disable the File Type association for ms-msdt or to
disable preview in Windows Explorer, see here.


RESOLUTION

There are no current remediation measures in place from Microsoft in the form of
patches as of this writing. Microsoft will provide updates on this vulnerability
here. 


HURRICANE LABS’ RECOMMENDED ACTIONS

Hurricane Labs recommends that you patch all software and update antivirus
suites to the latest versions, along with applying the available mitigations
listed in this advisory.


REFERENCES

 * Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability
   via Microsoft Security Response Center
 * New Microsoft Office Zero-day “Follina” – Detection & Response via SOC
   Investigation
 * Automating with PowerShell: Enable M365 activity based time-out & Office Code
   Execution fix via CyberDrain
 * Follina — a Microsoft Office code execution vulnerability via DoublePulsar

For more information on Hurricane Labs services, visit our Security
Services page.

The post Security Advisory Regarding Follina appeared first on Hurricane Labs.

*** This is a Security Bloggers Network syndicated blog from Hurricane Labs
authored by Rob Hooven. Read the original post at:
https://hurricanelabs.com/security-advisory/security-advisory-regarding-follina/?utm_source=rss&utm_medium=rss&utm_campaign=security-advisory-regarding-follina
