Mert Coskuner

534 Followers

2 days ago

Cyber Research #68

Articles

DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation
SentinelLabs tracks a cluster of recent opportunistic attacks against organizations in East Asia as DragonSpark…
www.sentinelone.com

Zero days in common identity manager system (And the complexities of exploiting them via a WAF)
CyberCX discovered three distinct vulnerabilities in Symantec Identity Manager 14.3 during a routine penetration test…
blog.cybercx.com.au

Cybersecurity

2 min read


Jan 21

Cyber Research #67

Articles

XML Security in Java
Tl;dr: In this blog post, you can read just how much of a mess Java XML security is. If by the end of this post, you…
semgrep.dev

X41 Audited Git
The OSTIF sponsored a security source code audit of Git, which was performed by a team of security experts from X41 and…
www.x41-dsec.de

AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass | Datadog Security Labs
Nick Frichette Senior Security Researcher AWS administrators depend on CloudTrail to monitor API activity within their…
securitylabs.datadoghq.com

Cybersecurity

2 min read


Jan 14

Cyber Research #66

Articles

I am not a supplier
For the past few years, we have seen a lot of discussions around the concept of the Software Supply Chain. These…
www.softwaremaxims.com

Cacti: Unauthenticated Remote Code Execution
Cacti is an open-source, web-based monitoring solution with a long-standing history dating back to its first release in…
www.sonarsource.com

Automating Malware Analysis Operations (MAOps) - JPCERT/CC Eyes
I believe that automating analysis is a challenge that all malware analysts are working on for more efficient daily…
blogs.jpcert.or.jp

Information Security

2 min read


Jan 7

Cyber Research #66

Articles

DualShock4 Reverse Engineering - Part 1
This year I got a very special gift for Christmas: a broken DualShock 4. You may say it's a relatively poor gift, but…
blog.the.al

G-3PO: A Protocol Droid for Ghidra
(A Script that Solicits GPT-3 for Comments on Decompiled Code)
medium.com

Cloud Metadata - AWS IAM Credential Abuse
Attackers are already fully aware of what cloud misconfigurations are and how to take advantage. Why would an attacker…
sneakymonkey.net

Information Security

2 min read


Dec 17, 2022

Cyber Research #65

The newsletter will be on hiatus for the next two weeks and will be back on 7 Jan. Merry Christmas and happy new year!

Articles

Unusual Cache Poisoning between Akamai and S3 buckets
Hey, I am SpyD3r(@TarunkantG) and in this blog, I will be presenting an unusual way of Cache Poisoning which happens…
spyclub.tech

Building the Threat Detection Ecosystem at Brex
Here’s our approach to building a threat detection platform in a vendor-agnostic way that aligns with the Brex…
medium.com

Cybersecurity

2 min read


Dec 10, 2022

Cyber Research #64

Articles

Vulnerability Management at Lyft: Enforcing the Cascade [Part 1]
eng.lyft.com

Bug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass
This writeup talks about a successful collab that I did with Dark9T (@UsmanMansha) on a private program hosted on…
h1pmnh.github.io

Attacker persistence in Kubernetes using the TokenRequest API: Overview, detection, and prevention…
Rory McCune Senior Advocate - Security & Compliance One common way for users to authenticate to Kubernetes clusters is…
securitylabs.datadoghq.com

Cybersecurity

2 min read


Dec 3, 2022

Cyber Research #63

Articles

Hardware Selection and Logistics (Passwordless Authentication Series, #1)
How Palantir enforces passwordless authentication for thousands of globally distributed employees and contractors.
blog.palantir.com

How to Bypass Cloudflare: A Comprehensive Guide - ZenRows
With studies estimating that over 40% of all internet traffic originates from bots, there has been a rise in demand for…
www.zenrows.com

Cybersecurity

2 min read


Nov 26, 2022

Cyber Research #62

Articles

Disrupting a PyPI Software Supply Chain Threat Actor
Software supply chain attacks in the open-source ecosystem are frequent and pervasive. The cost of publishing a…
blog.phylum.io

Burp Suite and Protobuf - hn security
Last year (I know, I'm "a little" late with this article 😀 ) I tested a couple of applications that employed the…
security.humanativaspa.it

A Deep Dive on AWS KMS Key Access and AWS Key Grants | CloudQuery
We recently published a blog post about Encryption in AWS and Multi-Account Access. As a follow-up to that post, we're…
www.cloudquery.io

Cybersecurity

2 min read


Nov 19, 2022

Cyber Research #61

Articles

Finding malicious PyPI packages through static code analysis: Meet GuardDog | Datadog Security Labs
Christophe Tafani-Dereeper Cloud Security Researcher and Advocate Ellen Wang Security Research Intern This blog post…
securitylabs.datadoghq.com

Stealing passwords from infosec Mastodon - without bypassing CSP
The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to…
portswigger.net

Cybersecurity

2 min read


Nov 12, 2022

Cyber Research #60

Articles

Internet Egress Filtering of Services at Lyft
Using Envoy as an Explicit CONNECT and Transparent Proxy
eng.lyft.com

OWASP Software Component Verification Standard (SCVS)
Unlike frameworks such as NIST's SSDF which is created by Government organizations, OWASP's SCVS is a community-driven…
blog.aquia.us

Self-Hosted GitHub Runners Are Backdoors - Praetorian
Continuous Integration and Continuous Delivery (CI/CD) systems are powerful and configurable tools within modern…
www.praetorian.com

Information Security

2 min read

Making tech safer. You can support the newsletter at https://www.buymeacoffee.com/mertcoskuner.
