Attack technique alert: Vulcan Cyber discovered that AI package hallucination open developers to malicious attacks | Learn more >>

OWASP top 10 LLM risks: Discover the OWASP top 10 LLM risks for 2023 and the steps we can take to prevent them | Read more >>

CVE-2023-32784 in KeePass: How to fix the KeePass password manager vulnerability | Read more >>

Attack technique alert: Vulcan Cyber discovered that AI package hallucination open developers to malicious attacks | Learn more >>

OWASP top 10 LLM risks: Discover the OWASP top 10 LLM risks for 2023 and the steps we can take to prevent them | Read more >>

CVE-2023-32784 in KeePass: How to fix the KeePass password manager vulnerability | Read more >>

TRY VULCAN FREE

Malware in MacOS and more: first officer’s blog – week 54

The ongoing voyages of the Federation Support Ship USS [REDACTED]  First Officer’s log, Terrestrial date, 20230605, Officer of the Deck reporting.   When a ship’s captain starts with “What do you mean you have good news, and bad news?” You know it will not be an entirely straightforward or relaxing conversation. Unfortunately, that is the exact… Continue reading Malware in MacOS and more: first officer’s blog – week 54

CVE-2023-28131 and more: first officer’s blog – week 53

First Officer’s log, Terrestrial date, 20230529 Officer of the Deck reporting.   Working aboard a Starfleet vessel, you became used to the ship’s computer acting much like a part of the normal organic crew. While they could feel “alive” in many respects, they were technically just advanced expert systems that had been well-designed to respond to… Continue reading CVE-2023-28131 and more: first officer’s blog – week 53

The problem with Google’s new .zip top-level domains

It would be fair to say that the modern internet exists because the Domain Name System (DNS) has made it possible for people to easily find whatever it is they may be looking for. Over the years, everyone became familiar with the most common domains: .com, .net, .org, .edu, .gov., and the various state and… Continue reading The problem with Google’s new .zip top-level domains

CISA’s new additions and more: first officer’s blog – week 52

First Officer’s log, Terrestrial date, 20230515 Officer of the Deck reporting.   Our specialist team joined the XO and Systems officer of the USS [REDACTED] in their main computer core. Like most Starfleet ships, the core was a large structure in the center of what passed for a saucer section on this class. Like their ship,… Continue reading CISA’s new additions and more: first officer’s blog – week 52

Plugwalk Joe and more: first officer’s blog – week 51

The ongoing voyages of the Federation Support Ship USS [REDACTED]  First Officer’s log, Terrestrial date, 20230515 Officer of the Deck reporting.   We arrived at Starbase [REDACTED] on schedule and the control center directed us immediately to the maintenance space dock so they could get started on the inspections and possible remediation efforts. We experienced no… Continue reading Plugwalk Joe and more: first officer’s blog – week 51

Clouds of insecurity and more: first officer’s blog – week 50

The ongoing voyages of the Federation Support Ship USS [REDACTED]  First Officer’s log, Terrestrial date, 20230508 Officer of the Deck reporting.   With the recent conference out of the way and the crew quickly returning to the usual routine, the USS [REDACTED] set out from the conference site back to Starbase [REDACTED] for another round of… Continue reading Clouds of insecurity and more: first officer’s blog – week 50

Software supply chain challenges and more: first officer’s blog – week 49

The ongoing voyages of the Federation Support Ship USS [REDACTED]  First Officer’s log, Terrestrial date, 20230501 Officer of the Deck reporting.   By running at our maximum cruising speed, the USS [REDACTED] arrived at the conference with time to spare. This let us get everything set up and properly prepared for the various meetings, presentations, and… Continue reading Software supply chain challenges and more: first officer’s blog – week 49

CVE-2023-2136 and more: first officer’s blog – week 48

The ongoing voyages of the Federation Support Ship USS [REDACTED]  First Officer’s log, Terrestrial date, 20230424 Officer of the Deck reporting. The captain, showing extraordinary grace and professionalism, rendered assistance to the crippled [REDACTED] ship, towing them out of the debris field and making sure that at least their life support and power systems were… Continue reading CVE-2023-2136 and more: first officer’s blog – week 48

WordPress, Apple targeted: first officer’s blog – week 47

The ongoing voyages of the Federation Support Ship USS [REDACTED]  First Officer’s log, Terrestrial date, 20230417 Officer of the Deck reporting.   The Engineering team was rapidly bringing systems back online as the [REDACTED] ship awkwardly maneuvered out of the debris field. While the ship itself looked like a collection of spare parts flying in tight… Continue reading WordPress, Apple targeted: first officer’s blog – week 47

GitHub exposed and more: first officer’s blog – week 46

The ongoing voyages of the Federation Support Ship USS [REDACTED]  First Officer’s log, Terrestrial date, 20230410. Officer of the Deck reporting.   As Engineering worked quickly to restore power, bringing basic sensors and communications back online only a few minutes after the captain told the [REDACTED] that we’d see what we could do, helm explained their… Continue reading GitHub exposed and more: first officer’s blog – week 46