Risks and Vulnerabilities
Your Sender Policy Framework (SPF) Risk Exposure
If you do not set up an SPF record, untrustworthy emails from unauthorized sources can be sent to your employees and customers, seemingly from your domain.
Read more
Caitlin Postal
January 16, 2025
Atlassian Confluence Zero-Day Vulnerability: What Is CVE-2023-25515?
CVE-2023-22515 is a privilege escalation and broken access control vulnerability affecting Confluence Data Center and Confluence Server.
Read more
Caitlin Postal
January 16, 2025
What is CVE-2023-4863? Google's libwebp at risk
A major vulnerability in the libwebp library puts web users at risk of remote code execution.
Read more
Caitlin Postal
January 8, 2025
What is a Remote Access Trojan (RAT)?
UpGuard Breach Risk provides continuous monitoring and automated scanning for potential threats, including exposed ports that known RATs can exploit.
Read more
Caitlin Postal
January 16, 2025
How to Fix Your Domain Name Registrar Issues
Secure your domain against common findings related to your domain name registration.
Read more
Caitlin Postal
January 16, 2025
Protect Your Site from Domain Expiration
Domains that expire become unavailable for users, which can negatively impact your brand reputation. Keep track of expiry dates for stable domain access.
Read more
Caitlin Postal
January 16, 2025
Protect Against HTTP Attacks with HTTPS Strict Transport Policy
Ensure your HTTPS Strict Transport Policy is configured properly to ensure secure communications.
Read more
Caitlin Postal
January 16, 2025
Your HTTPS Redirection Risk Exposure
Without encrypted communications, information transfer is not protected and sensitive data becomes vulnerable to attackers. Set up HTTPS redirection.
Read more
Caitlin Postal
January 16, 2025
How to Respond to CVE-2023-24489 Impacting Citrix ShareFile
An access control vulnerability impacting Citrix ShareFile can lead to remote code execution.
Read more
Caitlin Postal
November 18, 2024
How to Identify and Strengthen Weak SSL
If your server uses a weak SSL algorithm or an insecure SSL/TLS version, you'll need to update the system to protect your customers and your assets.
Read more
Caitlin Postal
January 16, 2025
How to Respond to Ivanti EPMM/MobileIron Vulnerabilities (CVE-2023-35078)
Identify if your assets are impacted by the Ivanti EPMM and MobileIron vulnerabilities (CVEs) and, if so, what actions to take next.
Read more
What End-of-life Software Means for Your Business
Software with an end-of-life finding can lead to security vulnerabilities in your technical stack. Identify risks and coordinate updates for EOL software.
Read more
Caitlin Postal
January 16, 2025
How to Respond to Citrix ADC and Citrix Gateway Vulnerabilities (CVE-2023-3519)
Identify if your assets are impacted by the Citrix/NetScaler ADC and Gateway vulnerabilities (CVEs) and, if so, what actions to take next.
Read more
Caitlin Postal
November 18, 2024
What is the SSL Not Available Risk?
If your server does not have a valid SSL/TLS certificate installed and configured, your site will not be able to serve traffic using SSL/TLS encryption.
Read more
Caitlin Postal
January 16, 2025
What is SSL Certificate Expiration?
SSL/TLS certificates provide a critical security layer for encrypting traffic to your public web systems.
Read more
Caitlin Postal
January 16, 2025
How to Respond: CVE-2023-27997 (Fortigate SSL VPN)
Learn how to identify if you've been impacted by CVE-2023-27997 and, if you are, how to quickly secure your IT ecosystems from exploitation.
Read more
Edward Kost
January 7, 2025
Sign up for our newsletter
Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
Free instant security score
How secure is your organization?
Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
Instant insights you can act on immediately- Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
