VMware vCenter Server Remote Code Execution Vulnerability – CVE-2021-21972

by Nadia Meichtry

On 23 February 2021, VMware published a Security Advisory. It states that VMware vCenter Server is affected by a remote code execution (RCE) vulnerability that has been rated critical.


12 April 2021: Webinar on Techniques and Tools Used by Cybercriminals

In the Digicomp webinar "Techniques and Tools That Cybercriminals Use for Attacks" (in German only), Yves Kraft, Branch Manager Bern and Senior Penetration Tester & Security Consultant, will explain which strategies cybercriminals pursue and why SMEs and private individuals are also increasingly targeted by attackers.

The DigiSnack webinar will take place on Monday, 12 April 2021, from 14:00 to 14:45.

Please check the Digicomp website for further information and registration.

OWASP Top 10 Proactive Controls – Part 1

by Lena Reitzle

You could say that the OWASP Top 10 Proactive Controls is a bit different from other better-known OWASP top ten lists – for example, the ten most critical risks for web applications (“OWASP Top 10”) or APIs (“OWASP API Security Top 10”) – because it goes beyond simply describing potential risks: The Proactive Controls are primarily aimed at developers and provide them with specific measures for developing secure applications. They also serve to raise awareness among developers of the immense importance of application security.

This first part of the two-part article describes Proactive Controls C1 through C5. The second part will take a closer look at C6 through C10.
