Credit to Author: Mickey Jin| Date: Fri, 14 Jan 2022 00:00:00 +0000
A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to the discovery of CVE-2021-30995.
Read more
Credit to Author: Forward-Looking Threat Research Team| Date: Fri, 14 Jan 2022 00:00:00 +0000
In a series of blog posts, we explore different aspects of Codex and assess its capabilities with a focus on the security aspects that affect not only regular developers but also malicious users. This is the second part of the series.
Read more
Credit to Author: Jon Clay| Date: Fri, 14 Jan 2022 00:00:00 +0000
This week, read about how crucial it is for security teams to adopt an integrated approach to threat detection, such as remote control, and Congress’s plan to update the Federal Information Security Management Act (FISMA) for the first time in eight years.
Read more
Credit to Author: Melanie Tafelski| Date: Fri, 14 Jan 2022 00:00:00 +0000
Learn the difference between DevSecOps and DevOps and get tips to smoothly embed security throughout the entire build lifecycle.
Read more
Credit to Author: Sébastien Dudek| Date: Tue, 11 Jan 2022 00:00:00 +0000
This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The stack is the root of LoRaWAN implementation and security. We hope to help users secure it and make LoRaWAN communication resistant to critical bugs.
Read more
Credit to Author: Abraham Camba| Date: Mon, 10 Jan 2022 00:00:00 +0000
The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the use of legitimate remote access tools including Remote Desktop Protocol (RDP) as its final means of intrusion.
Read more
Credit to Author: Forward-Looking Threat Research Team| Date: Fri, 07 Jan 2022 00:00:00 +0000
The first of a series of blog posts examines the security risks of Codex, a code generator powered by the GPT-3 engine.
Read more
Credit to Author: Jon Clay| Date: Fri, 07 Jan 2022 00:00:00 +0000
This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones.
Read more
Credit to Author: Jon Clay| Date: Fri, 07 Jan 2022 00:00:00 +0000
Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service (AaaS), an emerging business model selling all-access passes to other malicious actors.
Read more
In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility.