by Beck Bailey | Jun 17, 2024 | RSS
Cloud adoption is not slowing down, and neither is the cloud threat landscape. Among many other benefits, the cloud offers increased productivity and flexibility, as well as reduced infrastructural costs. However, despite delivering many goodies, API endpoints hosted...
by Beck Bailey | Jun 17, 2024 | RSS
ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0....
by Beck Bailey | Jun 17, 2024 | RSS
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and...
by Beck Bailey | Jun 17, 2024 | RSS
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing...
by Beck Bailey | Jun 17, 2024 | RSS
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. “The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2)...
Recent Comments