Collaborate Disseminate
I wondered If there are some official/reliable resources to discover statistics regarding new threats and attack vectors generated by GenAI or Large Language Models (LLM) that recently opened a new era and attack surface.
We don’t normally worry about old school viruses breaking out of emulators; but sometimes we worry about targeted exploit code breaking out of emulators.
8086tiny is an 8086/80186 CPU emulator. The active development repository seems to be… Continue reading Is it possible to break out of 8086 tiny from within?
While it is obvious that an attack surface is the sum of all ways the system can be compromised or attack vectors (please correct me if I am wrong here or am not taking something into account), it is not that obvious if an exposed username… Continue reading Does an exposed username increase the attack surface?
As a full-stack cloud-native (AWS, Azure, and GCP) polyglot (Rust, Golang, Python, and Java) microservices developer, the nagging question that I have is if the use of multiple technology frameworks vs single language (e.g., Java) have inc… Continue reading Are polyglot microservices (multiple technologies) more secure than using a single technology framework?
An annual report published today by Sumo Logic, a provider of security tools delivered as a cloud service, highlights the degree to which security has fundamentally shifted in the age of the cloud. Based on an analysis of data culled from more than 2,… Continue reading Sumo Logic Finds Attack Surface Expanding
Although openssh is awesome, I’m interested in exploring some more lightweight FLOSS alternatives to use for connecting to servers I’m administrating (and using alone). Since I only need a minimal set of features (only public-private-key … Continue reading Recommendations on minimal alternatives to openssh
We have a self hosted git server in our company. It is reachable over the internet because our developers work together with external consultants, developers and other persons. Between the internet and the internal server is a reverse prox… Continue reading Does additional SSH access on top of HTTPS improve or harm the security of a self hosted Git server?
Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each ep… Continue reading (Podcast) Episode 01: What “Attack Surface” Means in 2020
The majority give outside partners, contractors and suppliers administrative access — without strong security policies in place. Continue reading ThreatList: Admin Rights for Third Parties is the Norm
Employees pose a huge risk to an organization. For years, the Verizon Data Breach Investigations Report (DBIR) has listed employees or insiders as a top threat. It appears that leadership is finally starting to pay attention to this threat. According … Continue reading Employees: Part of the Attack Surface