Attack Surface Management (ASM) is the proactive practice of identifying and managing the potential attack surface of an organization's IT assets to prevent and mitigate potential attacks by hackers. It is essential to minimize the exposure of valuable assets…

ServiceNow Insecure Access Control leading to Administrator Account Takeover - CVE-2022-43684

We discovered a vulnerability in the Bitwarden desktop app that exposed master passwords in the memory after a vault had been locked.

Our team of security experts will provide an exclusive glimpse into the phishing emails used in Facebook Phishing Campaign.

The infamous Clop ransomware, mainly known as Cl0p, targets various industries and organizations, extorting data for a huge amount of ransom. It advances actively with new emerging campaigns. This blog walks through the Clop timeline, Mitre TTPs and their…

-> Setting up the environment + […]

Vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Organizations should prioritize cloud defense in depth. With a strong security plan, you can lay a foundation for a secure cloud environment.

Without altering a single line of code, attackers poisoned the NPM package “bignum” by hijacking the S3 bucket serving binaries necessary for its function and replacing them with malicious ones

This Technical Series blog investigates the Flutter framework ​(Google, n.d.)​ and the methods for bypassing its detections on iOS.

Microsoft IR investigation of a BlackByte 2.0 ransomware attack progressed thru full attack chain from initial access to impact in five days.

No click or copy&paste required

Slinky Cat has been developed to automate some of the methods introduced in living off the land and to supplement ScrapingKit. To help security and IT teams reduce their AD exposures and uncover quick wins and fixes designed for pen-testers and defenders…

As a traditional application security engineer, I’m trying to adapt myself to the AI mayhem. This post covers my thoughts about prompt…