Blog
Explore our latest blogs, where we cover everything from software security and threat modeling to compliance and risk management – covering the topics that matter to you.
Twitch confirms data exposed in major leak, but “”no indication”” passwords leaked
UPDATE 15/10/21: Twitch has released a further statement with regards to the recent data leak, confirming that passwords have not been exposed. Read...
Researchers Document Attacks on Azure OMI and the Atlassian Confluence OGNL
Researchers on Wednesday reported on Wednesday a sharp increase in the number of attackers trying to exploit the Azure Open Management Infrastructure...
How Third-Party Code Makes App Development a Cybersecurity Risk
For years, cybersecurity-minded organizations have attempted to convince their development teams to bring more security into the application...
The High Cost of Using Free Threat Modeling Tools – Part 3
NOTE: This is part three of a three-part series on making the business case for using commercial threat modeling tools. In part one, we put a dollar...
10 Biggest Revelations from the Unprecedented Twitch Hack
An anonymous hacker posted a massive cache of information this week about Twitch, revealing more than a few stunning pieces of information about...
Your Twitch account was definitely hacked, here’s what we know so far
On October 7, Twitch confirmed that an enormous hacking incident took place. Large data sets including the platform’s private source code, unreleased...
To get big Twitch payouts, you have to be among the top 0.01% of streamers
Some of Twitch's internal records are now public knowledge following a major data breach and the online distribution of documents that, among other...
Apache Leak Spotlights Dangers of Misconfigured Workflow Management Platforms
The recent disclosure of misconfigurations in Apache Airflow instances that exposed thousands of credentials for Slack, PayPal and AWS and other...
Novel RAT Attacks Global Aerospace and Telecommunications Firms
The Cybereason Nocturnus and Incident Response Teams recently responded to Operation GhostShell, a highly targeted cyber espionage campaign that...