Kubernetes Namespaces Are Not as Secure as You Think
In a previous article, we described how the usage of namespaces in Kubernetes significantly simplifies the management of a Kubernetes...
hacking
Looking Back and Moving Forward With Rapid7’s Cloud Security Solution
This blog post was co-authored by Jamie Gale and Charles Stokes. Done with Q1The DivvyCloud by Rapid7 team has had...
Swarmshop – What goes around comes around: hackers leak other hackers’ data online
Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked...
Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit
Pwn2Own 2021 – Day 2: a security duo earned $200,000 for a zero-interaction Zoom exploit allowing remote code execution. One...
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof
Days after a massive Facebook data leak made the headlines, 500 million LinkedIn users are being sold online, seller leaked 2 million...
Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE
Cisco has addressed a critical pre-authentication remote code execution (RCE) vulnerability in the SD-WAN vManage Software. Cisco has addressed multiple...
User database was also hacked in the recent hack of PHP ‘s Git Server
The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords....
Man arrested after hired a hitman on the dark web
A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national...
Columbo – A Computer Forensic Analysis Tool Used To Simplify And Identify Specific Patterns In Compromised Datasets
Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. It breaks down...
ThreatMapper – Identify Vulnerabilities In Running Containers, Images, Hosts And Repositories
The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud native workload protection platform, released as a community...
Security Isn’t a Four-Letter Word: How Infrastructure as Code (IaC) Amplifies DevOps Through the Inclusion of Security
Our fast-paced lives are fueled by innovative, cloud-native companies. We are able to watch our favorite programs and movies from...
A Quick Look Into Cloud Infrastructure Entitlement Management (CIEM)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business...
A Quick Look Into Cloud Workload Protection Platforms (CWPPs)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business...
MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights,...
Pwn2Own 2021 Day 1 – participants earned more than $500k
The Pwn2Own 2021 hacking competition has begun and white hat hackers participants earned more than $500000 on the first day....
Crooks use Telegram bots and Google Forms to automate phishing
Crooks increasingly often use legitimate services such as Google Forms and Telegram to obtain user data stolen on phishing websites....
Gigaset Android smartphones infected with malware after supply chain attack
A new supply chain attack made the headlines, threat actors compromised at least one update server of smartphone maker Gigaset to...
European Commission and other institutions were hit by a major cyber-attack
Not only the European Commission, but many other organizations of the European Union have been targeted by a cyberattack in...
SAP systems are targeted within 72 hours after updates are released
On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, security SAP security firm...
Burpsuite-Copy-As-XMLHttpRequest – Copy As XMLHttpRequest BurpSuite Extension
The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's XmlHttpRequest, which simplifies...
Scylla – The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc…
Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts,...
Rapid7 Releases New Industry Cyber-Exposure Report (ICER): Fortune 500
Today, Rapid7 just released the first in our all-new Industry Cyber-Exposure Report (ICER) series. For those of you who have...
Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks
China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam....
This service allows checking if your mobile is included in the Facebook leak
Security researcher implemented a service to verify if your mobile number is included in the recent Facebook data leak. Security...
