Solana is a proof of stake network. So, the more value you provide in Solana, the more power you have in the voting process. With 2/3 of the control, changes to the state can be made. Clearly,...
Solana is a blockchain that allows for the execution of arbitrary Rust code. The main difference is that information is stored in accounts - both code and data. Program Derived Addresses (PDAs)...
Volexity would like to thank Palo Alto Networks for their partnership, cooperation, and rapid response to this critical issue. Their research can be found here. On April 10, 2024, Volexity...
Due to the unprecedented growth of cloud technology, the democratization of cloud security -- making everyone in an organization a stakeholder in security practices -- has become a necessity. But...
In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.
On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via Cloud native misconfig, while using Launch new cloud resources, Create or modify firewall or...
On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Password spraying, Launch new cloud resources, MFA enrollment,...
On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via Supply chain vector, while using Cloud key compromise, Cloud to on-prem lateral movement, to achieve...
On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Cloud key compromise, Phishing, to achieve RansomOp.
On 2024-04-11, an incident was reported, involving an unknown actor, gaining initial access via End-user compromise, while using Cloud key compromise, to achieve Data exfiltration.
An unknown threat actor gained access to a self-hosted Gitlab instance used by Sisense, which stored credentials for an S3 bucket containing customer access tokens, passwords and SSL certificates.
Jet Protocol was a lending and borrowing protocol built on Solana. The function _market_value() is used to determine the total market value of the loans that had been taken out. So, if this...
We’re pushing for consolidation, bolstering our Cloud Detection and Response capabilities, and delivering on the promise of security operations for the cloud era.
The Wiz and Tines partnership combines the benefits of visibility and automation, creating an improved cloud security strategy.
Learn how to use the versatile, open source utility CyberChef. This 101 includes an overview, operations, real-world walkthrough, and resources.
Written by: Jacob Thompson The Apache XML Security for C++ library, code named xml-security-c, is part of the Apache Santuario project. The library implements the XML Digital Signature and the XML...
As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims...
As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims...
Researchers has uncovered a decade-long botnet operation by a Romanian group dubbed RUBYCARP. This group focuses on financial gain through cryptomining, phishing, and DDoS attacks, utilizing...
On 2024-04-09, a campaign was reported, involving 0ktapus, gaining initial access via End-user compromise, while using Exfiltration via AWS Transfer, Exfiltration via AWS DataSync, Cloud API e, to...
On 2024-04-09, a research was reported, involving , gaining initial access via Cloud native misconfig, targeting Azure Storage to achieve Resp. disclosure.
Web servers are not exposing files on a server in a simple way anymore. Instead, they use proxy's, load balancers and fetch responses from other servers locally. Weird application routing can be...
Find out quickly where OS and open-source packages or libraries are deployed in your cloud environments and secure them before potential issues arise.
Chromium, the underlining browser engine that powers Opera, is highly customizable as a browser. The developers of the user facing browser can add custom APIs to it. Additionally, browsers have...
Chromium, the underlining browser engine that powers Edge, is highly customizable. For instance, there is a file called _api_features.json that stores permissions for vendor-specific APIs....
Wiz researchers discovered architecture risks that may compromise AI-as-a-Service providers and put customer data at risk. Wiz and Hugging Face worked together to mitigate the issue.
IBC on Cosmos is a generalized way for crosschain communication. In the case of Comdex, they were using IBC to get oracle price updates from Band. The IBC protocol itself is trustless and...
Written by: Matt Lin, Austin Larsen, John Wolfram, Ashley Pearson, Josh Murchie, Lukasz Lamparski, Joseph Pisano, Ryan Hall, Ron Craft, Shawn Chew, Billy Wong, Tyler McLellan Since the initial...
The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the...
The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the AI bandwagon by leveraging the...