Vulnerability CVE-2015-4852 has been detected in widely used Apache Commons Collections library.
You might have followed the war in Ukraine in the past year and a half and come across the term OSINT. Before the war, the term was, in my opinion, mostly known from the MH17 incident and Bellingcat, but what exactly is OSINT? What are its uses?
Nixu Corporation, Press release, March 24, 2020 at 14.20 EET
Nixu Corporation, Stock Exchange Release, July 12, 2022, at 9.00 a.m. EEST
Insider information
This is the third blog in the series on the migration of Role Based Access Control to Attribute Based Access Control.
Nixu Corporation, Stock Exchange Release, June 6, 2023, 12.00 p.m. EET
Nixu Corporation, Press release May 13 at 11:30 AM EEST
AI can be a great tool for improving cybersecurity. Well, not just a tool, but something many times more complex that can pick up anomalies at a speed faster than any human, learn continuously and become more efficient as it goes along.
Moscow’s hope of a blitzkrieg campaign has turned into a protracted war.
Petya ransomware has already been around for months as a more traditional malware that spreads through e-mail. The new developments in this case involve the addition of tips and tricks taken from WannaCry ransomware, the last big thing that hit the world close to a month ago.
Nixu Corporation Stock Exchange Release on October 14, 2020 at 11:20 am EEST
Applications get new features every day, and at the same time, security functions change. How do developers and architects keep up? Nixu’s cybersecurity expert Teo Selenius started to keep a blog to keep his findings in order, and to share the latest features. Appsecmonkey.com is growing rapidly.
Nixu Corporation
Press release, July 2, 2018 at 8:35 am EEST
Nixu Corporation
Press release, April 9, 2018 at 10.00 AM EET
Bug bounty programs are growing in popularity worldwide. But what are they really about? Can anyone become a bug bounty hunter? Cybersecurity consultant by day, bounty hunter by night – Nixu’s cybersecurity expert Tomi lets us in on the secrets of bug bounty hunting.
Nixu Corporation, Stock Exchange Release on August 11, 2022 at 8:30 a.m. EEST
In mid-December 2021 a new Zero-day was made public - Log4Shell (CVE-2021-44228). The following post is a short summary of what NDR is and how it fits in an overall detection strategy and as a case study of hunting for the zero-day using available metadata.
Static code analysis – check. Scanning for vulnerable components – sure. Dynamic application testing – check. Penetration testing – check. Too many security testing reports – check! If you have invested in application security but feel like you are getting lost in all the reports or don't even know if the tools are being used, Application Security Orchestration and Correlation is something for you.
Nixu Corporation
Press release, September 12, 2017 at 13:15 EET
Nixu Corporation, Stock Exchange Release, February 28, 2022 at 9:00 a.m. EET