OpenSSL - Cyber Security Review

OpenSSL - Cyber Security Review

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Posted onApril 3, 2024April 3, 2024

Rapid7 is disclosing CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. Minerva uses the open-source OpenSSL library for cryptographic functions and to support secure communications. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR Read More …

CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows

Posted onDecember 2, 2022August 14, 2023

On November 1, 2022, OpenSSL released a security advisory describing two high severity vulnerabilities within the OpenSSL library (CVE-2022-3786 and CVE-2022-3602). OpenSSL versions from 3.0.0 – 3.0.6 are vulnerable, with 3.0.7 containing the patch for both vulnerabilities. OpenSSL 1.1.1 and Read More …

OpenSSL downgrades horror bug after week of panic, hype

Posted onNovember 1, 2022August 15, 2023

OpenSSL today issued a fix for a critical-turned-high-severity vulnerability that project maintainers warned about last week. After days of speculation, infosec professionals and armchair bug hunters received more of a trick than a treat on November 1: two CVE-tagged security Read More …

LATEST ARTICLES

THE STRATEGIC IMPORTANCE OF DIGITAL SOVEREIGNTY IN 2026
By Alexandre Grellier, CEO, Drooms
Cyber Security Review online – May 2026

A BEGINNER’S ROADMAP: HOW TO START YOUR AI SOC AGENT IMPLEMENTATION
By Kirsten Doyle
Cyber Security Review online – November 2025

THE PEOPLE BEHIND THE PIXELS: WHY CYBERSECURITY IN CRITICAL INDUSTRIES IS MORE HUMAN THAN EVER
Cyber Security Review online – July 2025

HOW TO MAXIMIZE EXCHANGE SERVER UPTIME? - SOME BEST PRACTICES
Cyber Security Review online – June 2025

KEY METRICS TO TRACK WHEN IMPLEMENTING AI IN YOUR SOC
By Josh Breaker-Rolfe
Cyber Security Review online – December 2024

ACHIEVING DATA SECURITY RESILIENCE WITH DSPM TOOLS
By Katrina Thompson
Cyber Security Review online – November 2024

CYBER SECURITY IN CRITICAL INDUSTRIES: CHALLENGES, SOLUTIONS, AND THE ROAD AHEAD
Cyber Security Review online – August 2024

HOW TO ENGAGE YOUR EMPLOYEES IN SECURITY AWARENESS TRAINING
Cyber Security Review online – April 2024

WHY IMMINENT SEC CYBER RULE CHANGES MEANS CYBER SECURITY LEADERSHIP MUST COME FROM THE VERY TOP
By Miguel Clarke, GRC and Cyber Security lead for Armor Defense
Cyber Security Review online – November 2023

WHAT COULD YOU DO IF YOU KNEW HOW EVERY PIECE OF DATA WAS BEING USED?
By Ross Moore, Cyber Security Support Analyst with Passageways
Cyber Security Review online – October 2023

A BRIEF HISTORY OF DATA LOSS PREVENTION
Cyber Security Review online – July 2023

THE 5 ESSENTIAL CYBERSECURITY AWARENESS TRAINING TIPS FOR A MORE SECURE ENVIRONMENT
Cyber Security Review online – June 2023

THE 8-STEP COMPREHENSIVE CHECKLIST FOR APPLICATION SECURITY IN 2023
Cyber Security Review online – April 2023

THE NETWORK SECURITY CHALLENGE:
Improving Visibility to Defend Against Cyberthreats
By Kev Eley, Vice President Sales UK and Europe at LogRhythm

SWEDEN LAUNCHES EUROPE’S MOST ADVANCED HUB FOR AUTOMOTIVE CYBER SECURITY
Research Institute engages ethical hackers and the latest research in cyber technology to combat spiraling threats to connected vehicles