The X_Trader software supply chain attack that led to last month’s 3CX breach has also impacted at least several critical…
I moved my site’s blog to its own domain without breaking old links or losing comments. Here’s how. I started…
Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using…
MITRE Releases 2022 CWE Top 25 The popular CWE Top 25 list, which ranks the most dangerous software vulnerabilities, has…
At Detectify, we like to approach problems as opportunities for improvement. In the last couple of months, we’ve faced two…
ICICI Bank, an Indian bank with a business presence in over 15 countries, has become a victim of a data…
The major cloud providers generally support on-premise workloads, with some offering IT admins a way to manage multiple public clouds…
Exploring the intersection of security, technology, and society—and what might be coming next… Standard Web Edition | December 12, 2022…
Hackers use a novel method involving RBAC (Role-Based Access Control) to create persistent backdoor accounts on Kubernetes clusters and hijack…
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based…
If you read About time, you’ll know that I’m a big believer in spending time now on building things that…
Google Cloud is making it’s Assured Open Source Software (Assured OSS) service available for Java and Python ecosystems without charge…