In binary analysis, a recurrent problem is to track back a register or memory value (we will…
Contents hide 1 Three layers 2 Frida listens (Edit: Here is what Frida does) 3 Jailbreak detection…
Today’s Go security release fixes an issue involving PATH lookups in untrusted directories that can lead to remote execution…
The pandemic has turned 2020 into a year of medicine and information technology. The remarkable surge in…
The Transport Layer Security protocol (TLS), which secures most Internet connections, has mainly been a protocol consisting…
2021 has started with a sudden change in how IT and computing work. Remote work culture and…
Engineers configuring security groups and firewalls tend to focus on inbound/ingress rules to restrict the networks from…
If there is a single best practice for container security, it is to avoid running containers as…
If you are running Google Kubernetes Engine (GKE) Clusters with Basic Authentication, you’ll want to consider removing those credentials from your clusters. This post aims to outline the risks and considerations for remediation.
Cloud identity permissions are complex. So complex, that innocent looking permissions provided to 3rd party vendors can…
As a Google Cloud Administrator planning your IAM strategy for how to best use the built-in Google…
If an attacker compromises a Google Cloud Platform (GCP) user’s device, he can easily steal and abuse…
Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations…
An ongoing malware campaign has been found exploiting recently disclosed vulnerabilities in network-attached storage (NAS) devices running…
Welcome! In this post, we’ll be taking a character-by-character look at the source code of the BioNTech/Pfizer…
On January 29, 2019, a serious vulnerability was discovered in Group FaceTime which allowed an attacker to call a…
You should already know how big tech companies like Google or Facebook are using your private data to make revenue from…
For many in the world of data science, distributed training can seem a daunting task. In addition…
TF 2.4 is here! With increased support for distributed training and mixed precision, new NumPy frontend and…
Cloud storage enables organizations to reduce costs and operational burden, scale faster, and unlock other cloud computing…
Here are my views on the “Top Ten” AWS Security, Identity and Compliance updates from AWS re:Invent…
In an ideal world HashiCorp Vault is neither the first nor last line of defense against an…
Infrastructure as code (IaC) is undoubtedly changing how engineers approach the cloud. IaC, when coupled with dev…
In terms of AWS security, first the good news: Amazon Web Services offers an impressive collection of security monitoring…
Introduction Kubernetes, like any other secure system, supports the following concepts: Authentication: Verifying and proving identities for…
This article introduces an approach to structure FastAPI applications with multiple services in mind. The proposed structure decomposes the individual services into packages and modules, following principles of abstraction and separation of concerns.
Contents hide 1 Why the GIL matters 2 Why I write this 3 Prerequisites 3.1 Linux 3.2…
Anti-cheat development is, by nature, reactive; anti-cheats exist to respond to and thwart a videogame’s population of…
Umair Akbar, senior security systems engineer and part of the core critical infrastructure of development at Hydra Technologies, demonstrates how to derive significant cost efficiencies in SIEM platform consumption with smart log ingestion utilizing pre-processing data pipelines and modern cloud services. Doing so significantly reduces data volumes to the SIEM without loosing the residual value and accessibility of the underlying data.
Contents hide 1 Introduction 2 Method Calls 2.1 Step 1: Zero arguments 2.2 Step 2: Multiple Arguments…