A critical remote code execution (RCE) vulnerability, identified as CVE-2024-43044, has been discovered in Jenkins, one of the most widely used automation servers. The vulnerability resides in the ClassLoaderProxy#fetchJar method and could allow attackers to compromise Jenkins environments by exploiting unrestricted file path requests from agents to the Jenkins controller. Understanding CVE-2024-43044 CVE-2024-43044 is a […]

We are excited to announce Upwind Orbital View – an easy, new way to visualize your most important resource information through holistic inventory mapping and dynamic network analysis, helping you rapidly understand your resources’ behavior and risks. The Upwind Orbital View can be found in the Resource Overview section of the Upwind Topology Map, giving […]

We are excited to announce a new addition to Upwind’s industry-leading container security capabilities, giving you the ability to easily view information about highly privileged identities for every containerized resource in your cloud environment.  The Upwind Cloud Security Platform goes beyond traditional CWPP solutions to leverage runtime insights and correlate them with your most important […]

In recent years, there has been a significant increase in adversaries exploiting popular messaging apps such as Telegram, Discord, Signal, and others to conceal their malicious activities. Among these platforms, Telegram stands out due to its robust security features, including end-to-end encryption and anonymous account creation, making it a go-to tool for cybercriminals. Overview Most […]

Overview On July 30, 2024, a critical zero-day vulnerability (CVE-2024-7965) was discovered in Google Chrome’s V8 JavaScript engine. Google swiftly responded with an emergency patch after confirming that this flaw was being actively exploited in the wild. On August 26, 2024, Google released a new Chrome version addressing this issue that all Chrome users should […]

In Kubernetes, understanding identity escalation paths is crucial for managing security risks effectively. This blog post delves into defining highly privileged identities and exploring potential privilege escalation paths using highly privileged permissions. Definition of a Highly Privileged Identity in Kubernetes In Kubernetes, a highly privileged identity refers to entities such as users or service accounts […]

Upwind’s runtime vulnerability management leverages real-time, runtime insights and correlates them with CI/CD and DevOps context, giving you end-to-end visibility and protection for Kubernetes and associated workloads.  Upwind’s vulnerability management intelligently prioritizes your most critical vulnerabilities based on real environmental factors, cutting out around 95% of alert noise to focus on the risks that pose […]

We are excited to announce the release of the Upwind Security Feed – a native feed accessible from directly within the Upwind platform, providing you with constantly updated information about new and emerging attacks, zero days, and security trends that are relevant to your environment and should be investigated further. The Upwind Security Research team […]

File-based attacks are a growing concern in cybersecurity. These attacks involve tampering with files to gain unauthorized access, steal information, or cover up malicious activities. In this post, we’ll break down what file-based attacks are, look at some real-world examples, and walk through a typical attack scenario. What Are File-Based Attacks? File-based attacks exploit how […]

We are excited to announce a major new capability in the Upwind Platform – Upwind Agentless Cloud Scanners. At Upwind, we are on a mission to simplify cloud security and build a comprehensive CNAPP that is easy to use, solves a variety of use cases, and serves as a central point where Dev, Sec and […]