Blogs | ThreatModeler

3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale

Sep 27, 2021 | News

On its own, the database of 3.8 billion phone numbers leaked from social-media platform Clubhouse didn’t have much value on the underground market. In fact, they were eventually dumped in a hacker forum for free. Read more…

Consumer Cyber Stress Requires Focus on Security

Sep 27, 2021 | News

Consumers are feeling stressed out about cybersecurity, but many aren’t taking measures to better educate themselves or even check their accounts for indicators they’ve been hacked. Read more…

Execs Need Less Talk, More Action on Software Security

Sep 22, 2021 | News

As the software industry struggles to recover from a supply chain security crisis, a study from Venafi indicates industry executives are saying the right things but doing very little to back up the rhetoric with decisive action to ensure vendor security. Read...

Shadow Code Remains a High Security Risk

Sep 22, 2021 | News

PerimeterX released “Shadow Code: The Hidden Risk to Your Website,” the third annual survey conducted with Osterman Research on the use of Shadow Code in web applications. Read more…

Internet Users Stressed Out by Cyberattack News: Kaspersky

Sep 22, 2021 | News

A new Kaspersky survey found that internet users in the US and Canada increasingly believe the internet is stressful. The findings coincided with a more general increase in internet usage due to the COVID-19 pandemic. Read more…

OMIGOD Vulnerability Exposes Virtual Machines Running Inside Azure

Sep 21, 2021 | News

Late last month, researchers from cloud security firm Wiz found a new vulnerability that allows Azure users to access cloud databases of other users, breaking the principle of secure multitenancy. They dubbed it ChaosDB. Read more…

Mirai Botnet Starts Exploiting OMIGOD Security Flaw

Sep 20, 2021 | News

Threat actors have started to actively exploit critical Microsoft Azure vulnerabilities, just days after Microsoft disclosed them during September’s Patch Tuesday. Read more…

Threat Modeling is a Process not a Project

Sep 20, 2021 | Cloud security, DevOps, Recent News

Developers are starting to embrace the idea that threat modeling is a best practice as part of the secure development lifecycle (SDLC). And if it is, it can no longer be seen as a project. It must evolve into a process. A Project vs a Process Projects and processes...

Mirai Botnets Found to Exploit OMIGOD Vulnerabilities in Azure

Sep 17, 2021 | News

Just a few days after the four OMIGOD vulnerabilities were discovered in Microsoft Azure, researchers on Friday reported that Mirai botnets are either scanning or actively exploiting OMIGOD. Read more…

Attackers Exploit OMIGOD Flaw in Azure Despite Microsoft Fixes

Sep 17, 2021 | News

Cybercriminals are targeting Linux-based servers running Microsoft’s Azure public cloud environment that are vulnerable to flaws after Microsoft didn’t automatically apply a patch on affected clients in its infrastructure. Read more… If you’d like to learn more...

3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale

Consumer Cyber Stress Requires Focus on Security

Execs Need Less Talk, More Action on Software Security

Shadow Code Remains a High Security Risk

Internet Users Stressed Out by Cyberattack News: Kaspersky

OMIGOD Vulnerability Exposes Virtual Machines Running Inside Azure

Mirai Botnet Starts Exploiting OMIGOD Security Flaw

Mirai Botnets Found to Exploit OMIGOD Vulnerabilities in Azure

Attackers Exploit OMIGOD Flaw in Azure Despite Microsoft Fixes

Tags

Latest Posts

ThreatModeler

CloudModeler

IaC-Assist