A critical Remote Code Execution (RCE) vulnerability identified as CVE-2024-21534 has been discovered in versions of the jsonpath-plus package before 10.0.0. This vulnerability allows attackers to execute arbitrary code on affected systems by exploiting improper input sanitization and the unsafe default usage of the vm module in Node.js. jsonpath-plus is a JavaScript implementation of JSONPath […]

We are excited to announce support for AWS Lambda as a part of Upwind’s agentless Cloud Scanners. Upwind’s protection for Lambda functions running on AWS can be seen throughout the Upwind platform, extending our proactive risk analysis and visibility across  your entire cloud infrastructure – from containers to VMs to serverless. What are Lambda Functions? […]

Upwind’s eBPF sensor is lightweight and high performance, which was recently shown in a record-breaking image scan with customer H2O.ai. When scanning H2O.ai’s 30GB container image with multiple dependencies, the Upwind sensor consumed less than 1GB of RAM, about 3% of the image size, demonstrating how Upwind ensures comprehensive runtime security coverage with a lightweight […]

Upwind’s research team dives into the latest cloud ransomware threats and top ways to protect your organization. The webinar recording also covers the recent CUPS RCE zero-day vulnerability and looks at how to safeguard your systems.

We are excited to announce that Upwind has been named by CRN as one of the top ten up-and-coming players in the cloud, identity and data security segments. The list features startups founded since 2020 with major announcements or achievements in 2024.  Upwind was also recently named as the Fastest Growing AppSec Company in the […]

The Upwind platform includes comprehensive protection for cloud infrastructure and applications, including Amazon Elastic Container Service (ECS) Fargate.  AWS Fargate has numerous advantages, but it also presents unique cloud security challenges, which Upwind actively solves with real-time monitoring and protection. In this article, we will cover the basic anatomy of AWS Fargate, challenges that make […]

Upwind CEO Amiram Shachar joins NYSE TV to discuss Upwind’s next-generation cloud security platform, including its use of AI and machine learning to ensure comprehensive cloud security.

The Upwind Cloud Security Platform provides comprehensive protection for infrastructure and applications across any cloud environments, including Microsoft Azure.  This includes protection for Azure assets, infrastructure and applications within  every capability  of the Upwind platform, including: “Upwind seamlessly protects our Azure environment, making it easy to understand our most critical cloud security posture findings, automatically […]

Remote Code Execution (RCE) in CUPS via ‘cups-browsed’ CUPS (Common Unix Printing System) is a popular printing system for Unix-like systems, with cups-browsed responsible for printer discovery and network browsing. A recent vulnerability in cups-browsed allows Remote Code Execution (RCE) through manipulated printer discovery responses. This vulnerability is caused by insufficient input validation on UDP […]

Several critical Linux vulnerabilities have been declared, involving a bug in CUPS, the Common UNIX Printing System. All versions of Red Hat Enterprise Linux (RHEL) are among the Linux distributions affected, but not in default configuration.  There are four vulnerabilities that have been identified and allocated the following CVEs – CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177. […]