Moving to a new domain without breaking old links with AWS & Disqus
I moved my site’s blog to its own domain without breaking old links or losing comments. Here’s how. I started...
Read more →News Archive
View All →
GhostToken GCP flaw let attackers backdoor Google accounts
Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using...
Read more →
Security Highlights: New CWE Rankings, Software Supply Chains, and Side-Channel Attacks
MITRE Releases 2022 CWE Top 25 The popular CWE Top 25 list, which ranks the most dangerous software vulnerabilities, has...
Read more →
Core Values at Detectify: Turning problems into opportunities
At Detectify, we like to approach problems as opportunities for improvement. In the last couple of months, we’ve faced two...
Read more →
Indian ICICI Bank data breach exposes 3.8 million customer information
ICICI Bank, an Indian bank with a business presence in over 15 countries, has become a victim of a data...
Read more →
Prepare for hybrid cloud headaches
The major cloud providers generally support on-premise workloads, with some offering IT admins a way to manage multiple public clouds...
Read more →
NO. 361 | GPT++, Apple Security, CISA Cuba…
Exploring the intersection of security, technology, and society—and what might be coming next… Standard Web Edition | December 12, 2022...
Read more →
Kubernetes RBAC abused to create persistent cluster backdoors
Hackers use a novel method involving RBAC (Role-Based Access Control) to create persistent backdoor accounts on Kubernetes clusters and hijack...
Read more →
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based...
Read more →Running a free Twitter bot on AWS Lambda
If you read About time, you’ll know that I’m a big believer in spending time now on building things that...
Read more →
Google Releases Assured OSS For Free to Detect Vulnerabilities
Google Cloud is making it’s Assured Open Source Software (Assured OSS) service available for Java and Python ecosystems without charge...
Read more →
American Bar Association data breach hits 1.4 million members
The American Bar Association (ABA) has suffered a data breach after hackers compromised its network and gained access to older...
Read more →