Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Calico has recently introduced a powerful new policy recommendation engine that enables DevOps, SREs, and Kubernetes operators to automatically generate Calico policies to implement namespace isolation and improve the security posture of their clusters.

The Fireblocks cryptography research team has uncovered BitForge – a series of zero-day vulnerabilities in some of the most widely adopted implementations of multi-party computation (MPC) protocols, including GG-18, GG-20, and Lindell17.

This vulnerability allows an attacker to extract a full private key from a wallet implementing Lindell17 2PC protocol, by extracting a single bit in every signature attempt (256 in total). Coinbase WaaS, Zengo and other libraries have been patched.

This newfound vulnerability allows an attacker to extract a full private key from any wallet using the GG18 and GG20 protocols. More than 10 wallets and libraries have been found vulnerable, including Binance custody.

Imagine being named XYZ in a crowd of other XYZs – a purposeless name that creates confusion and does not communicate a purpose, adding to the cognitive pile of everyone’s day-to-day tasks. Similarly, Active Directory groups created by users need to have logical names so that current and future users do not find themselves stuck in a pickle.

Technology in the modern era moves fast. Historically, new technologies emerged quickly as well, but novelty in the age of computing occurs in a matter of days, sometimes even minutes. Do you use the same computer or cell phone that you did five years ago? And how often do you run software updates or patches on your devices?

Common indicators of a phishing attempt include warnings from your email service provider, urgent language, threat of dire consequences, too-good-to-be-true offers and more. Continue reading to learn what to look for to spot phishing attempts and how to keep yourself protected.

The Colorado Department of Higher Education is the government organization responsible for overseeing public education throughout the state. The organization implants most education-related policies and also manages data for educational institutions. This organization recently suffered from a significant data breach, leading to information losses for students associated with public schools throughout Colorado. It's an issue that could result in widespread data losses.

The SafeBreach Labs team is committed to conducting original research to uncover new threats and ensure our Hacker’s Playbook provides the most comprehensive collection of attacks. As part of our recent research efforts, we discovered a vulnerability in the Windows Defender update process that could effectively allow an unprivileged user to take full control of the Windows Defender tool and leverage it for future malicious activities.