Closer to the Edge: Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

I’ve spent more than a decade now writing about how to make Have I Been Pwned (HIBP) fast. Really fast. Fast to the extent that sometimes, it was even too fast:

The response from each search was coming back so quickly that the user wasn’t sure

Continue reading Closer to the Edge: Hyperscaling Have I Been Pwned with Cloudflare Workers and Caching

Google’s AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects

Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, including a medium-severity flaw in the OpenSSL cryptographic library.
“These particular vulnera… Continue reading Google’s AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects

Posted in Uncategorized

NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data

Threat hunters are warning about an updated version of the Python-based NodeStealer that’s now equipped to extract more information from victims’ Facebook Ads Manager accounts and harvest credit card data stored in web browsers.
“They collect budget de… Continue reading NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data

Posted in Uncategorized

AxoSyslog: Open-source scalable security data processor

AxoSyslog is a syslog-ng fork, created and maintained by the original creator of syslog-ng, Balazs Scheidler, and his team. “We first started by making syslog-ng more cloud-ready: we packaged syslog-ng in a container, added helm charts, and made it mor… Continue reading AxoSyslog: Open-source scalable security data processor

Product showcase: Augmenting penetration testing with Plainsea

Human-led penetration testing is an essential practice for any organization seeking to proactively address potential attack vectors. However, this indispensable pentesting method is often limited by several factors: high resource demands, project time … Continue reading Product showcase: Augmenting penetration testing with Plainsea