Learn everything about the Kubernetes (K8s) network security effect from Amir Kaushansky, ARMO's VP Product. Read this insightful blog post here!

Introducing bugalert.org, a free and open-source service for alerting security and IT professionals of high-impact and 0day vulnerabilities by email, SMS, and phone calls (and via Twitter).

This article explores 5 SSH best practices you should observe to boost the security of your infrastructure.

Finding sensitive information in the trimmed parts of cropped images - GitHub - dfaram7/pptshots: Finding sensitive information in the trimmed parts of cropped images

The Wire investigates claims behind the use of ‘Tek Fog’, a highly sophisticated app used by online operatives to hijack major social media and encrypted messaging platforms and amplify right-wing propaganda to a domestic audience.

Enterprise Ready Cyber Security For Robotics & Robotic Components

Easy to use CLI security checks for the Heroku platform. Validate baseline security configurations for your own Heroku deployments. - GitHub - heroku/heroku-guardian: Easy to use CLI security check...

Private and self-hosted file sharing over the Tor network written in golang - GitHub - R4yGM/garlicshare: Private and self-hosted file sharing over the Tor network written in golang

Critical JNDI-based vulnerability exploiting the same root cause of Log4Shell. Read more from the JFrog Security Research Team describing the attack vector >

Pwn stuff. Contribute to mm0r1/exploits development by creating an account on GitHub.

A critical infrastructure player found a way for traffic to leak out from their isolated network and asked us for help. They had updated…

This page describes the concept of mutual authentication and why it's important.

How to tell if you are using NPM safely within your CI

A repo to automatically generate and keep updated a series of Docker images through GitHub Actions. - GitHub - cybersecsi/RAUDI: A repo to automatically generate and keep updated a series of Docker...

Scanning millions of domains and compromising the email supply chain of Australia's most respected institutions.

I was a Private Internet Access (PIA) customer for many, many years. Some recent changes spurred me to look for a new VPN provider and I ended up landing on ProtonVPN which I’ve been using for a few months now.

Computer accounts have the $ sign appended at the end of their names in contrast with standard user accounts. By default Microsoft operating systems lack of security controls and hardening that wou…

One day, while I was working on OpenShift, a Kubernetes distribution by RedHat focused on developer experience and application security, I noticed that I was able to inject ANSI escape characters...

Coercing the domain controller machine account to authenticate to a host which is under the control of a threat actor could lead to domain compromise. The most notable technique which involves coer…

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to po…