In my previous post, I introduced IAM Vulnerable, walked through how to set it up in a playground AWS account, and demonstrated how to practice... continue reading
This past summer, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) partnered with forces in the United Kingdom and... continue reading
If you are ever in a position where you need to assess the security of an AWS environment, one of the most important services to look at is... continue reading
DEF CON 29 has come and gone, but we’re still buzzing around a few of the talks that we heard from some of the world’s top security researchers.... continue reading
ADVISORY SUMMARY An insecure filesystem permissions vulnerability was identified in eCatcher version 6.6.4 and earlier. To exploit this... continue reading
ADVISORY SUMMARY An IDOR vulnerability allowed reading and modifying the workouts of all users of the Wodify platform. Additionally, this access... continue reading
Aug 5, 2021 11:43:40 AM |
By Dan Petro, Allan Cecil,
There’s a crack in the foundation of Internet of Things (IoT) security, one that affects 35 billion devices worldwide. Basically, every IoT device... continue reading
Note: Some of the information below in regard to in person or virtual talk may be subject to change as DEF CON approaches. The upcoming DEF CON... continue reading
Jun 15, 2021 5:00:00 AM |
By Robert Punnett, Auner Moncada, Daniel Fulford
ADVISORY SUMMARY The text-to-speech engine in libretro RetroArch for Windows 1.9.0 - 1.9.4 passes unsanitized input to PowerShell through ... continue reading
eWeek
DARK Reading
HELPNET Security