Security researcher Eilon Harel created an open-source, automated scanner for the timely discovery of secrets in exposed AWS S3 buckets. It performs operations such as listing the bucket content via API queries, downloading the relevant textual files, checking for exposed textual files, forwarding ...Read More
The tool, dubbed RedEye, helps visualize command-and-control activities, allowing the teams to replay assessment actions rather than manually parsing log files to recreate events.
A cybersecurity consultant has discovered a new attack chain, GIFShell, that leverages GIF images in Microsoft Teams to execute arbitrary commands on the target’s machine. Since the data exfiltration is performed by leveraging Microsoft's own servers, it is challenging to identify the traffic and d ...Read More
A security researcher was able to hack into Starlink using $25 worth of off-the-shelf circuit board. To carry out the hack, a voltage fault injection attack was performed on a Starlink User Terminal (UT) or a satellite dish that people use to access the system. SpaceX has already responded to the r ...Read More
The OCSF project was initiated by a partnership between Splunk and AWS, which built on the ICD Schema developed at Symantec—now part of Broadcom. There are now 15 additional member organizations.
Email Security Check allows defenders to look up publicly available information about email domains and check for anti-spoofing and email privacy risks. Besides, the Email Security Check tool requires no sign-ups or personal details.
The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.
MIT researchers developed an application-specific integrated circuit (ASIC) chip that can be implemented on an Internet-of-Things (IOT) device to defend against power-based side-channel attacks.
Security experts developed a three-phased approach that leverages electromagnetic field emanations to detect evasive malware on IoT devices including the unseen variants. The electromagnetic emanation calculated from the device is nearly undetectable by the malware. Thus, malware evasion tacti ...Read More
A new type of optical fiber filled with nothing but thin air has been found to be particularly effective to carry out quantum key distribution (QKD), a security protocol that is in principle un-hackable.
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.