Note: Some of the information below in regard to in person or virtual talk may be subject to change as DEF CON approaches. The upcoming DEF CON... continue reading
Jul 15, 2021 5:00:00 AM |
By Britt Kemp, Matt Keeley,
After exploiting a vulnerability and getting inside a network on an engagement, we often want to show what trophies we can collect as a way of... continue reading
Everyone seems to have a podcast these days on every topic under the sun. Information security is certainly no exception – there are endless... continue reading
TL;DR By using special HTML tags that leverage HTML parsing logic, it is possible to achieve cross-site scripting (XSS) even in instances where... continue reading
Jun 15, 2021 5:00:00 AM |
By Robert Punnett, Auner Moncada, Daniel Fulford
ADVISORY SUMMARY The text-to-speech engine in libretro RetroArch for Windows 1.9.0 - 1.9.4 passes unsanitized input to PowerShell through ... continue reading
ADVISORY SUMMARY The following describes an identified vulnerability in the Froala application in version 3.2.6. Froala is in use on thousands of... continue reading
ADVISORY SUMMARY F5 Networks released a series of security advisories today for seven vulnerabilities affecting their BIG-IP and BIG-IQ products.... continue reading
TL;DR The same JSON document can be parsed with different values across microservices, leading to a variety of potential security risks. If you... continue reading
What are the risks associated with overly permissive pod creation in Kubernetes? The answer varies based on which of the host’s namespaces and... continue reading
eWeek
DARK Reading
HELPNET Security