In the past, we’ve released a few lists of some of our favorite pen testing tools (which you can read here: Pen Testing Tools We're Thankful for... continue reading
FROM SHORTENED LINKS TO FULL COMPROMISE: A key value of continuous testing through Continuous Attack Surface Testing (CAST) is having a team of... continue reading
There’s no shortage of books about security, and it can be difficult to determine which titles are worth your time. Security how-to books also run... continue reading
ADVISORY SUMMARY: F5 Networks released a series of security advisories today for seven vulnerabilities affecting their BIG-IP and BIG-IQ products.... continue reading
TL;DR: The same JSON document can be parsed with different values across microservices, leading to a variety of potential security risks. If you... continue reading
What are the risks associated with overly permissive pod creation in Kubernetes? The answer varies based on which of the host’s namespaces and... continue reading
ADVISORY SUMMARY: The Mautic application is affected by stored XSS vulnerabilities. Upon exploitation, these issues allow an authenticated attacker... continue reading
Jan 11, 2021 5:00:00 AM | By Chris Davis, Joe DeMesy
ADVISORY SUMMARY: The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server... continue reading
I'm excited to announce some new features that have been added to RMIScout. RMIScout is a tool to perform wordlist and brute-force attacks against... continue reading