vimarsana.com

Latest Breaking News On - Eric schwake - Page 1 : vimarsana.com

Memory corruption flaw in Fluent Bit could disrupt cloud platforms

Security pros warn that a bug in the popular open-source logging and metrics tool could cause denial-of-service attacks and data loss in all the major cloud platforms, including AWS, GCP and Azure.

Attackers evade detection by leveraging Microsoft Graph API

Microsoft Graph API has become popular with hackers because running criminal ops on widely used cloud services raises less suspicion.

Salt Security Addresses Critical OAuth Vulnerabilities Enhancing API Security with OAuth Protection Package

OAuth is an important part of modern authorization frameworks, granting access to resources across different applications easily. However, vulnerabilities in OAuth implementations can create significant security risks. Following research released by Salt labs that uncovered critical vulnerabilities in the world's most popular authorization mechanism, Salt has released a multi-layered protection package to detect attempts to exploit OAuth and proactively fix the vulnerabilities. Salt Security is enhancing its API protection platform with a comprehensive suite of new OAuth threat detections and posture rules to address this growing challenge. These innovations empower organizations to identify and mitigate malicious attempts to exploit OAuth flows, ultimately safeguarding sensitive data and user accounts.The OAuth Attack LandscapeLet's take a closer look at the types of OAuth attacks these new capabilities will address:Access Token and Authorization Code Theft: Vulnerabilities

Hugging Face AI models, customer data at risk to cross-tenant attacks

New joint research by Wiz and AI-as-a-service provider Hugging Face find that a malicious pickle-serialized model could contain a remote execution payload.

Critical Bugs Put Hugging Face AI Platform in a Pickle

One issue would have allowed cross-tenant attacks, and another enabled access to a shared registry for container images; exploitation via an insecure Pickle file showcases emerging risks for AI-as-a-service more broadly.

© 2024 Vimarsana

vimarsana © 2020. All Rights Reserved.