Resources

Topics

XM Cyber Advisory – OpenSSL Critical Vulnerability
Zur Ulianitzky and David Azria | Blog

Overview According to the OpenSSL team, on November 1st, 2022, a new version, number 3.0.7 will be released (https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html). It’s interesting to note that…

XM Cyber Advisory – Follina, CVE-2022-30190, Zero Day
Zur Ulianitzky and Bill Ben Haim | Blog

On May 27, a new zero day critical vulnerability called Follina was discovered by the nao_sec security research team. The vulnerability resides in malicious…

XM Cyber Advisory – Spring4Shell, Zero Day
Zur Ulianitzky; Ilay Grossman | Blog

Overview On March 30, A new zero day critical vulnerability was leaked in another open source software library. The vulnerability affects Spring Framework which…

Time to go beyond Log4Shell and see the entire attack path
Blog

Today’s organizations are overwhelmed since the world first learned about the Log4Shell vulnerability (aka Log4J CVE-2021-44228, CVE-2021-45046). If prioritizing your vulnerabilities was a daunting…

XM Cyber Advisory – Log4Shell, CVE-2021-44228
Blog

Overview Last Thursday, December 9, the Log4Shell vulnerability, CVE-2021-44228 (CVSS score 10), was discovered. This remote code execution (RCE) vulnerability was being exploited in…

See all ways we can help you

See what attackers see, so you can stop them from doing what attackers do.