Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix
2023-12-17 09:00

EOL Sophos firewalls get hotfix for old but still exploited vulnerability
Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices.

Attackers are trying to exploit Apache Struts vulnerability
Attackers are trying to leverage public proof-of-concept exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2.

eIDAS: EU's internet reforms will undermine a decade of advances in online security
The European Union's attempt to reform its electronic identification and trust services - a package of laws better known as eIDAS 2.0 - contains legislation that poses a grave threat to online privacy and security.

Security automation gains traction, prompting a "Shift everywhere" philosophy
The use of automated security technology is growing rapidly, which in turn is propagating the "Shift everywhere" philosophy - performing security tests throughout the entire software development life cycle - across more organizations, according to Synopsys.

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks
42% of businesses report that employees using BYOD devices with tools like WhatsApp in business settings have led to new security incidents, according to SafeGuard Cyber.

Photos: CyberMarketingCon 2023
Help Net Security sponsored and attended Cybersecurity Marketing Society's CyberMarketingCon 2023 in Austin, TX.

New infosec products of the week: December 15, 2023
Here's a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps.


News URL

https://www.helpnetsecurity.com/2023/12/17/week-in-review-apache-struts-vulnerability-exploit-attempt-eol-sophos-firewalls-get-hotfix/

Related Vulnerability

DATE: 2023-12-07
CVE: CVE-2023-50164
VULNERABILITY TITLE: Files or Directories Accessible to External Parties vulnerability in Apache Struts
An attacker can manipulate file upload params to enable path traversal, and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
RISK: critical, 9.8 (network, low complexity)
Vendor: apache
CWE: CWE-552

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 544 711 366 1634
Sophos 45 2 32 44 14 92