Akamai Has Addressed Browser-Powered Desync Attacks
On August 10, 2022, security researcher James Kettle presented a set of novel HTTP request smuggling attacks in his Black Hat talk,
Author: CySecBot
Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws
August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild.
Akamai?s Perspective on August Patch Tuesday
Want the rundown of what to focus on with Patch Tuesday in one place? Check out this blog, and patch, patch, patch!
Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs
U.S. Treasury blocked the business of the virtual currency mixer for laundering more than $7 billion for hackers, including $455 million to help fund North Korea’s missile program.
Is Your Security Strategy Focused?
Strategic security leadership is the overarching recommendation in ?How to Respond to the 2022 Cyberthreat Landscape,? a new report from Gartner�.
Download your complimentary copy in this blog.
Kali Linux 2022.3 Release (Discord & Test Lab)
In light of “Hacker Summer Camp 2022” (BlackHat USA, BSides LV, and DEFCON) occurring right now, we wanted to push out Kali Linux 2022.3 as a nice surprise for everyone to enjoy! With the publishing of this blog post, we have the download l…
The business case for security strategy and architecture
The business benefits of developing an information security strategy and accompanying security architecture/design include: Being proactive, taking the lead in this area – more puppeteer than puppet; Designing a framework or structure to support t…
Phishers Swim Around 2FA in Coinbase Account Heists
Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so they can steal their credentials and eventually their funds.
Risk is …
… when threat exploits vulnerability causing impact… tough to measure, express and control… the product of probability and impact… the gap between theory and practice… the root of pessimism and optimism … the once-in-a-hundred-years e…
CISO workshop slides
A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady this morning. The title ‘CISO Workshop: Security Program and Strategy’ with ‘Your Name Here’ suggests it might be a template for use in a workshop/cou…