Cyber Resilience Act: Security Requirements in Development
On October 10th, 2024, the EU Parliament mandated security standards for connected software with the enactment of the…
Cybersecurity
77 posts
PostgreSQL PL/Perl Vulnerability: ENV Variable Exploit & Dev Notes
Researchers have discovered a high-severity vulnerability in PostgreSQL’s PL/Perl trusted language extension that could allow attackers to execute…
Web Security 101: Understanding Strict-Transport-Security Headers
In this series of evaluating web security headers, we are now diving in with HSTS, the HTTP Strict-Transport-Security…
Introduction to Offensive Security – The Ethics and Legality of Cybersecurity
Offensive security practices like penetration testing and red teaming are used to identify and address vulnerabilities before malicious…
Web Security 101: Understanding Content Security Policy Headers (CSP)
Content security policy (CSP) is a browser feature that can help minimize the risk of a multitude of…
OWASP Top 10: A Sign of Progress in Web Security
As sarcastic as it sounds, even with all the ever-increasing data breaches and various attacks, we are seeing…
Synology affected by a critical zero-click flaw. Another win for Pwn2Own Ireland 2024
In a weird sense, it feels good to point out security issues on competitors, even though we recommend…
QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024
Two major security issues hit QNAP users In a way of working that looks like someone digging a…
The Future in Software Development Lifecycle Looks Filled with AI
The software development fields’s constant shift in landscape is not something that was threatened by generative AI becoming…
Preying on Misconfiguration: EMERALDWHALE Operation Steals 15K Cloud Credentials
A less sophisticated but nevertheless effective attack vector We are becoming accustomed to attackers gaining the upper hand…