What the Apache Struts vulnerability means for you

Unless you’ve been avoiding the news lately, you’ve likely heard about a few major breaches and the Apache Struts vulnerabilities associated with them. Apache Struts 2 is an elegant, extensible framework for building enterprise-ready Java web applications. But unfortunately this…

Read More

Introduction to Software Vulnerability Assessment

CloudPassage Halo’s Software Vulnerability Assessment module (SVA), is one of the most critical components of the Halo platform. The SVA module regularly scans all of your protected servers to detect known vulnerable packages, providing universal visibility into your workloads. These…

Read More

Petya / GoldenEye is spreading. Here’s how Halo can help.

The latest wave of ransomware, Petya/GoldenEye, started hitting Ukraine, Russia and western Europe earlier today and has already brought down critical infrastructure. Among those confirmed as impacted are Kiev’s main airport and metro system, Ukraine’s state power company, and several…

Read More

Healthcare servers at risk for attack: CloudPassage CTO weighs in

Last week the FBI issued a warning regarding cybercriminals specifically targeting FTP servers operating in anonymous mode. The warning applied to FTP servers associated with medical and dental facilities that hold access to protected health information and personally identifiable information….

Read More

Vulnerability: CVE-2017-6074 Linux Kernel DCCP double free

On Friday February 17th, 2017 the Linux Kernel team released a patch for a double-free vulnerability in the Linux kernel. On Wednesday February 22nd, 2017 the bug was revealed to the oss-sec mailing list. This Privilege Escalation vulnerability is a…

Read More

RSA award roundup

It’s been a banner week for us here at CloudPassage! In this season of Grammys, Globes, Oscars, Spammies, and so many more, we’ve garnered four technical excellence awards for Halo. While this may not impress Patriots fans, we’re extremely gratified…

Read More