Apple creates Private Cloud Compute VM to let researchers find bugs
Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system,…
AWS’s Predictable Bucket Names Make Accounts Easier to Crack
Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.
The Global Surveillance Free-for-All in Mobile Ad Data
Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place…
AWS, Azure auth keys found in Android and iOS apps used by millions
Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS)…
Team-Based Training and the Power of Simulation
In the constantly evolving realm of cybersecurity, it is critical for incident responders to be prepared and effective. As cyber…
Innovator Spotlight: Interpres Security
In the current cybersecurity landscape, the focus has shifted from merely managing vulnerabilities to strategically orchestrating defenses against targeted threats.…
Innovator Spotlight: Concentric
Data security is more critical than ever as organizations manage vast amounts of sensitive information across cloud and on-premises environments.…
The Unsolvable Problem: XZ and Modern Infrastructure
The ongoing prevalence (and rise) of software supply chain attacks is enough to keep any software developer or security analyst…
MacOS Safari ‘HM Surf’ Exploit Exposes Camera, Mic, Browser Data
Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have…
CISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches
A survey shows three-quarters of CISOs are drowning in threat detections put out by a sprawling stack of tools, yet…