5 Things Top Bug Bounty Hunters Do Differently
This week, we had the pleasure of hosting 50 Belgian technology students, who were on a tour of Silicon Valley technology companies. We had the…
Month: May 2023
How to Automate for Continuous Security
With cyber-attacks becoming more sophisticated, organizations are becoming increasingly aware of the importance of safeguarding their web applications against security vulnerabilities. One common way of…
Bitdefender GravityZone Security for Mobile provides protection against mobile attack vectors
Bitdefender unveiled GravityZone Security for Mobile, designed to provide organizations with advanced Mobile Threat Detection (MTD) and security for Android, iOS and Chromebook devices, including…
Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks
May 31, 2023Ravie LakshmananAdvanced Persistent Threat The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in…
Toyota finds more misconfigured servers leaking customer info
Toyota Motor Corporation has discovered two additional misconfigured cloud services that leaked car owners’ personal information for over seven years. This finding came after the…
Salt Attains AWS Security Competency Status – IT Security Guru
Today, Salt Security announced that it has achieved Amazon Web Services (AWS) Security Competency status in the Application Security category. Salt is the only API…
Zyxel patches vulnerability in NAS devices (CVE-2023-27988)
Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users. About the…
Silent Threat Lurking in Your Salesforce Communities
May 31, 2023Ravie LakshmananData protection / Cyber Threat Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations,…
A Year In HackerOne’s Bug Bounty Program
Hackers Report The Most Vulnerabilities In 2022 To Keep The Platform Secure We looked at how our program performed from February 2022 to February 2023. …
Android Malware Mimic Popular Apps to Steal Sensitive Data
DogeRAT (Remote Access Trojan) is an open-source Android malware that targets a sizable customer base from various businesses, particularly banking, and entertainment. CloudSEK’s TRIAD team…
Permit.io launches FoAz to give frontend developers the keys to security
Permit.io has launched FoAz which enables frontend developers to take access controls into their own hands. Short for frontend-only authorization, FoAz is a technology that…
Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
May 31, 2023Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the…