‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise
A chain of exploits could allow a malicious Azure user to infiltrate other customers’ cloud instances within Microsoft’s container-as-a-service offering.
A critical security vulnerability allowing attackers to perform cross-account container...
LockBit, BlackCat, Swissport, Oh My! Ransomware Activity Stays Strong
However, groups are rebranding and recalibrating their profiles and tactics to respond to law enforcement and the security community’s focus on stopping ransomware attacks.
Law enforcement, C-suite executives and the...
There’s A Hole In Your SoC: Glitching The MediaTek BootROM
This research was conducted by our intern Ilya Zhuravlev, who has returned to school but will be rejoining our team after graduation, and was advised by Jeremy Boone of...
Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One.
The U.S. Cybersecurity and Infrastructure Security...
Zero-Trust For All: A Practical Guide
How to use zero-trust architecture effectively in today’s modern cloud-dependent infrastructures.
While “zero-trust architecture” has become a buzz phrase, there’s plenty of confusion as to what it actually is....
VMWare Patches Critical RCE Flaw in vCenter Server
The vulnerability, one of three patched by the company this week, could allow threat actors to breach the external perimeter of a data center or leverage backdoors already installed...
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.
Microsoft has addressed 71 security vulnerabilities in its scheduled March Patch Tuesday...
Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion
An alleged sports content pirate is accused of not only hijacking leagues’ streams but also threatening to tell reporters how he accessed their systems.
Demanding payment in exchange for...
Industrial Networks See Sharp Uptick in Hackable Security Holes
Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks.
It’s on: Adversaries, CISOs and researchers are all simultaneously involved...
Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes
The first Patch Tuesday security bulletin for 2021 from Microsoft includes fixes for one bug under active attack, possibly linked to the massive SolarWinds hacks.
Microsoft addressed 10 critical...
