How We Ditched the SaaS Status Quo for Time-Series Telemetry
Free the logs! Behind the scenes at InfluxData, which turned to its own in-house security...
Read More
Author: Peter Albert
Critical Railway Braking Systems Open to Tampering
It only takes recycled cans, copper, and cheap gadgets off the Web to trick a train conductor into...
Read MoreWrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network. The router hijacking...
Read MoreApplication Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software
The challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional security postures, such as Endpoint Detection and Response (EDR) to chase threats after they have...
Read MoreLDAP Clear-text credentials retrievable with IP modification
CVSSv3 Score: 2.1 An insufficiently protected credentials [CWE-522] vulnerability in FortiOS may allow a privileged authenticated attacker to retrieve LDAP credentials via modifying the LDAP server IP address in the FortiOS...
Read More