Why Is Gartner Talking About External Attack Surface Management (EASM) In a recent report from Gartner, External Attack Surface Management (EASM) has been introduced as an important emerging technology in cybersecurity. The report states that EASM is an upcoming service in the product category for identifying risks through Internet-faced assets that an or

A hacker discovered a XXE flaw in the EpubCheck library that affects major epub services causing information disclosure and denial of service conditions. The security expert and bug hunter Craig Arendt (@craig_arendt) has discovered flaws in major eBook readers including the ones commercialized by Amazon, Apple, and Google. The expert discovered different XM

VMware has patched an information disclosure vulnerability affecting a number of its products that use Flex BlazeDS.The original vulnerability was discovered and disclosed in August by Matthias Kaiser of Code White GmbH. Researchers there found a XML External Entity flaw in Apache Flex BlazeDS. XXE vulnerabilities are found in web applications that parse X

Adobe is today expected to push a hotfix through to implementations of its LiveCycle Data Services application framework.The company said the vulnerability, CVE-2015-3269, affects versions 4.7, 4.6.2, 4.5 and 3.0.x on Windows, Macintosh and UNIX systems. Adobe is not aware of public exploits of this flaw, the company said in its advisory. Exploits against th