はてなブックマーク

research AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass January 17, 2023 aws vulnerability disclosure AWS administrators depend on CloudTrail to monitor API activity within their accounts. By logging API usage, CloudTrail enables teams to detect suspicious activity in AWS environments, catch attacks quickly, and better understand what happened following security incidents.

Introduction FastAPI is a highly popular Python web framework. On November 23rd, 2022, the Datadog Security Labs team identified a third-party utility Python package on PyPI related to FastAPI, fastapi-toolkit, that has been backdoored by a malicious actor. The attacker inserted a backdoor in the package, adding a FastAPI route allowing a remote attacker to execute arbitrary python code and SQL qu

emerging threats and vulnerabilities The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation November 1, 2022 emerging vulnerability On November 1, 2022, the OpenSSL Project released a security advisory detailing a high-severity vulnerability in the OpenSSL library. Deployments of OpenSSL from 3.0.0 to 3.0.6 (included) are vulnerable and are fixed in

Reliably detecting threats in an environment is critical for securing applications and infrastructure. But the increasing complexity of modern data pipelines makes it difficult to verify that detection rules are consistently able to spot the threats they are designed to look for. Today, we are happy to announce the release of a new open source project: Threatest, a CLI and Go framework for end-to-