API4:2023 Unrestricted Resource Consumption
Welcome to the 5th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a...
Read more →Category: Mix
Impact of the New SEC Cyber Incident Reporting Rules on the C-Suite and Beyond
We recently hosted a compact and very engaging panel discussion about the new SEC Cyber Incident Reporting Rules due to...
Read more →
Be a Hype Man For Your Friends · rez0
Explaining the benefits of hyping up your friends’ ideas. Amplify (ˈam·pləˌfī) verb: To make larger, greater, or stronger; enlarge; extend....
Read more →
How Ethical Hackers Help the CISO Budget [4 Takeaways from CISOs]
Over the course of a few weeks, we had conversations with 50+ CISOs and security leaders from a wide range...
Read more →![[tl;dr sec] #195 - Kubernetes Exposed, SBOMs, Elastic's Vuln Management](https://cybernoz.com/wp-content/uploads/2023/08/tldr-sec-195-Kubernetes-Exposed-SBOMs-Elastics-Vuln-Management.jpg "[tl;dr sec] #195 - Kubernetes Exposed, SBOMs, Elastic's Vuln Management 9")
[tl;dr sec] #195 – Kubernetes Exposed, SBOMs, Elastic’s Vuln Management
I hope you’ve been doing well! Hacker Summer Camp This year was my first time in Vegas since the pandemic,...
Read more →
Unsupervised Learning NO. 394
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a...
Read more →
OAuth and PostMessage
Tl;DR; An OAuth misconfiguration was discovered in the redirect_uri parameter at the target’s OAuth IDP at https://app.target.com/oauth/authorize, which allowed attackers...
Read more →
What Is the New NIST Control for Public Disclosure Programs?
Let’s first define what we’re talking about when we refer to these NIST controls. NIST 800-53 is a popular framework...
Read more →
Customize ZAP HUD 🎮
Today, I write a post about how to use ZAP HUD in an engaging manner. While ZAP HUD may not...
Read more →
90-Day Certificate Validity
오늘은 구글에서 추친하는 90일의 인증서 유효기간에 대한 이야기를 하려고 합니다. 구글이 올해 3월(2023)에 Chromium Security 를 통해 공지(방향성에 대한 공지)한...
Read more →
API3:2023 Broken Object Property Level Authorization
Welcome to the 4th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a...
Read more →
What to Know About the New SEC Cybersecurity Rule [3 Requirements]
SEC’s Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule The SEC’s final rule is aimed at helping investors make...
Read more →