Credential Disclosure in LastPass
LastPass was susceptible to a clickjacking attack. By intercepting traffic, an attacker would have been able to harvest login credentials of LastPass users. LastPass ...
Read MoreSearch
Skynet wants your Passwords! – Defending Against AI-Driven Social Engineering Attacks
This second installment in our series takes a fresh look at defenses against social engineering that leverage AI technology. As we delve into strategies for both ...
Read MoreUsing Cloudflare to bypass Cloudflare
Cloudflare customer-configured protection mechanisms (e.g., Firewall, DDoS prevention) for websites can be bypassed due to gaps in cross-tenant security controls ...
Read MoreThousands of Organizations Vulnerable to Subdomain Hijacking
Subdomain Hijacking presents a concerning scenario where attackers take control of websites hosted on subdomains owned by reputable organizations, enabling them to ...
Read More