350K Open-Source Projects At Risk of Supply Chain Vulnerability

The flaw resides in the tarfile module, automatically installed in any Python project.

Report: The state of secure identity 2022

A new report from Okta has found that credential stuffing as a means of breaching Customer Identity and Access Management (CIAM) services is accelerating, fuelled by password reuse coupled with malicious bots and other automated tools.

The State of Secure Identity 2022 report, which is based on self-reported data from customers of Okta’s Auth0 access management platform across the globe, found that 34% of all traffic across the Auth0 network consists of credential stuffing attempts, amounting to nearly 10 billion attempts. In the first quarter of 2022, the Auth0 network tracked two of the largest credential stuffing spikes ever on the platform, with more than 300 million attempts per day.


CVE-2019-5641

Rapid7 InsightVM suffers from an information exposure issue whereby, when the user’s session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by the previous user.
