-
Insecure Bootstrap Process in Oracle Cloud CLI
Summary: The bootstrap process for Oracle Cloud CLI using the “curl | bash” pattern was insecure since there was no way to verify the authenticity of the downloaded binaries. The vendor is now publishing checksums that can be used to verify the downloaded binaries. Vulnerability Details: As part of our ongoing research into supply chain attacks,…
-
Speaking @Appsec_Village @DEFCON 29
Our talk titled “The Poisoned Diary: Supply Chain Attacks on Install Scripts” was accepted at this year’s @Appsec_Village @DEFCON 29. UPDATE: It will take place on Sunday, August 8th, at 9:05 AM PST / 12:05 PM EDT. Details can be found here – Q&A will take place on DEFCON’s Discord server. Slides (PDF) Video recording…
-
Open Redirect Vulnerability in Substack
Summary: Substack had an open redirect vulnerability in their login flow which would have allowed an attacker to facilitate phishing attacks. The vendor has deployed a fix for this issue. Vulnerability Details: Substack is an online platform that allows users to create and operate free and paid subscription newsletters. This platform had an open redirect…
-
New Tools for Addressing Supply Chain Attacks
In the recent codecov.io security incident, an attacker modified a shell script used by a common software development tool for code coverage. This modification did not take place at the original source code repository where it would have been visible to others, but after the code was packaged and placed on the web server from…
-
Firebase CLI Installer Making Calls to Google Analytics
Firebase is a mobile and web application development platform provided by Google. One of the tools available for the platform is the Firebase CLI tool (GitHub repo), which helps developers interact with the platform from the command line. An automatic install script is offered among other options, which allows installation of the CLI tool via the…
-
What To Know About Endpoint Monitoring in 2025
Today’s workforce is more distributed than ever. Globally, 16% of companies are fully remote, while 40% have a hybrid arrangement. As workforces become increasingly distributed, security leaders face many challenges. They must monitor potential malicious activity across a wide array of devices scattered throughout the entire network. With the rise of endpoint monitoring tools, it…
-
Handling Internal Security Threats: A Balanced Approach
While external cyberattacks often make the headlines, internal security risks (aka insider risks) present a significant danger that is sometimes underestimated. These risks can arise from disgruntled employees, negligent insiders, or malicious actors with privileged access. The repercussions of such breaches can be severe, resulting in data loss, financial harm, legal fines, and harm to…
-
The 2025 Guide to User & Entity Behavior Analytics (UEBA)
User and Entity Behavior Analytics (UEBA) is a long term that essentially refers to a security process that utilizes analytics to identify abnormal network behavior. UEBA takes a proactive approach by scanning the actions of users and entities within a network. It doesn’t just react to threats but also establishes a baseline from which it learns…
-
20 Causes of Data Loss Threatening Businesses in 2025
Data is not just a strategic asset. It’s the lifeblood of your organization. Losing access to any strategic asset can threaten an organization’s viability; without plants and equipment, manufacturers would find it difficult to succeed, and service providers can’t operate without brand recognition. Similarly, without data, your organization could be left in a state of…
-
10 Indicators of Compromise (IOC) Examples To Look Out For
As information security professionals, you play a crucial role in using the term “indicators of compromise” (IOC) to describe any malicious activity that may suggest a computer system has been compromised. Your expertise in identifying IoCs can help quickly determine when an attack has occurred and identify the perpetrators. Your insights can also help determine…