How MuleSoft patched a critical security flaw and avoided a disaster


John is a software engineer and a pretty good one. He works for a company that processes online payments. On Thursday, August 1, John’s bosses pulled him into an urgent security meeting.

John was scared but also very curious. What could have happened? The last time John was called into a security meeting was in 2017, more than two years ago, during the three ransomware outbreaks that occurred that year — WannaCry, NotPetya, and Bad Rabbit.

A few months before, Microsoft disclosed a major security flaw impacting the Windows OS, named BlueKeep, and his company barely reacted, merely sending an internal security alert, telling software engineers to review RDP access settings on Windows systems.

Read more…