2022 Year-End API ThreatStats™ Report
In 2022, the Wallarm Threat Research team went through almost 350,000 reports to find 650 API-specific vulnerabilities, and tracked 115…
Security
FBI and CISA issue joint warning on Royal Ransomware
On March 6, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a…
Prompt Injection Attacks on Large Language Models
This is a good survey on prompt injection attacks on large language models (like ChatGPT). Abstract: We are currently witnessing…
CISA and FBI issue joint warning on Royal Ransomware
On March 6, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a…
VMware NSX Manager vulnerabilities being actively exploited in the wild
The Wallarm Detect team has found exploit attempts in the wild of CVE-2022-31678 and CVE-2021-39144. The original vulnerabilities were found…
New National Cybersecurity Strategy
Last week the Biden Administration released a new National Cybersecurity Strategy (summary >here. There is lots of good commentary out…
What does $5,000 buy you on a hacking forum? – Week in security with Tony Anscombe
A bootkit that ESET researchers have discovered in the wild is the BlackLotus UEFI bootkit that is being peddled on…
Friday Squid Blogging: We’re Almost at Flying Squid Drones
Researchers are prototyping multi-segment shapeshifter drones, which are “the precursors to flying squid-bots.” As usual, you can also use this…
Nick Weaver on Regulating Cryptocurrency
Nicholas Weaver wrote an excellent paper on the problems of cryptocurrencies and the need to regulate the space—with all existing…
Weekly Update 337
Presently sponsored by: Kolide ensures only secure devices can access your cloud apps. It’s Device Trust tailor-made for Okta. Book…