GCP ESPv2 Hit with Critical API Authorization Bypass CVE-2023-30845
This post delves into a very impactful JWT Authentication Bypass vulnerability (CVE-2023-30845) found in ESP-v2, an open-source service proxy that…
Security
Power LED Side-Channel Attack
This is a clever new <a href=”https://www.nassiben.com/video-based-crypta>side-channel attack: The first attack uses an Internet-connected surveillance camera to take a high-speed…
Weekly Update 352
Presently sponsored by: Kolide can get your cross-platform fleet to 100% compliance. It’s Zero Trust for Okta. Want to see…
Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…
Is a RAT stealing your files? – Week in security with Tony Anscombe
Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups or performs other shenanigans?…
Friday Squid Blogging: Squid Can Edit Their RNA
This is just crazy: Scientists don’t yet know for sure why octopuses, and other shell-less cephalopods including squid and cuttlefish,…
Security and Human Behavior (SHB) 2023
I’m just back from the sixteenth Workshop on Security and Human Behavior, hosted by Alessandro Acquisti at Carnegie Mellon University…
Stop Cyberbullying Day: Prevention is everyone’s responsibility
Strategies for stopping and responding to cyberbullying require a concerted, community-wide effort involving parents, educators and children themselves The post…
What You Need To Know About The MOVEit
The MOVEit Vulnerabilities and Latest Exploits. Impact On Governmental Agencies And Large Organizations Governmental agencies and large organizations around the…
Android GravityRAT goes after WhatsApp backups
ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to…