🔓
Attacks & Vulnerabilities
Australian Food Service Provider's Internal Records and Invoices Exposed in Third Party Data Breach (4 minute read)
Security researcher Jeremiah Fowler discovered an internet-accessible, unprotected database belonging to Patties Food Limited. It contained nearly 500K internal logs that exposed internal, customer, and vendor email addresses, along with over 25K invoices listing vendors, contacts, emails, and banking information. The database was managed by a third party, Proveno.ai, which responded to the responsible disclosure and restricted access to it.
TikTok Fixes 0-Day Bug Used to Hijack High-Profile Accounts (2 minute read)
TikTok has fixed a 0-day vulnerability that allowed attackers to take over accounts. Exploitation required the attacker to send a DM to the victim and the victim to open the message, but no further interaction such as clicking a link. TikTok has not said how many accounts were compromised.
Security First: DevSecOps Empowerment with Terrascan (8 minute read)
Terrascan is an IaC scanner from Tenable that can check Terraform files, Helm charts, Dockerfiles, and other IaC files against policy. This post walks through installing Terrascan and running it against a set of Terraform files, shows the full output of the sample run, and explains each of the reported findings.
Why SAST + DAST can't be enough (7 minute read)
Static and dynamic application testing (SAST and DAST) are important but not sufficient on their own to secure modern software. New automated testing approaches are needed to keep pace with evolving threats and vulnerabilities, and finding issues directly in source code remains crucial for improving application security beyond these traditional methods.
Secure your Tailscale Infrastructure Further with Mutual TLS (4 minute read)
Viktor Petersson, co-founder of Screenly, walks through using certificates issued by Tailscale for mutual TLS, adding a layer of protection to sensitive applications and to those that have no authentication of their own. Petersson first generates a client certificate with Tailscale and exports it as a PKCS#12 bundle, then imports that bundle into a browser, and finally deploys ghostunnel on the server as a reverse proxy that requires the client certificate.
Microsoft Deprecates Windows NTLM Authentication Protocol (3 minute read)
Microsoft announced that it has officially deprecated the outdated NTLM authentication protocol in favor of more secure alternatives. NTLM will still work in the next release of Windows Server and the next annual release of Windows. Administrators are encouraged to audit their use of NTLM, and users are encouraged to transition to Negotiate, which attempts Kerberos authentication first and falls back to NTLM only if that fails.