securitylabs.datadoghq.com
Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover
research | April 15, 2024 | aws, vulnerability disclosure
Key Points: We identified two variants of a vulnerability in AWS Amplify that exposed identity and access management (IAM) roles associated with Amplify projects, allowing them to become assumable by anyone in the world. If the authentication component was removed fro
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
research | January 17, 2023 | aws, vulnerability disclosure
AWS administrators depend on CloudTrail to monitor API activity within their accounts. By logging API usage, CloudTrail enables teams to detect suspicious activity in AWS environments, catch attacks quickly, and better understand what happened following security incidents.
Introduction: FastAPI is a highly popular Python web framework. On November 23rd, 2022, the Datadog Security Labs team identified a third-party utility Python package on PyPI related to FastAPI, fastapi-toolkit, that has been backdoored by a malicious actor. The attacker inserted a backdoor in the package, adding a FastAPI route allowing a remote attacker to execute arbitrary Python code and SQL qu
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation
emerging vulnerabilities | November 1, 2022 | emerging vulnerability
On November 1, 2022, the OpenSSL Project released a security advisory detailing a high-severity vulnerability in the OpenSSL library. Deployments of OpenSSL from 3.0.0 to 3.0.6 (included) are vulnerable and are fixed in version 3.0.
Reliably detecting threats in an environment is critical for securing applications and infrastructure. But the increasing complexity of modern data pipelines makes it difficult to verify that detection rules are consistently able to spot the threats they are designed to look for. Today, we are happy to announce the release of a new open source project: Threatest, a CLI and Go framework for end-to-