Hardware vulnerabilities in smart locks Obtaining information for hardware analysis of smart locksAspects to review during hardware an... 2023-9-21 18:22:36 | 阅读: 4 | 收藏 | Tarlogic Security - www.tarlogic.com hardware spi firmware swd

CVE-2023-4863: Heap buffer overflow in Google libwebp (WebP) The vulnerability CVE-2023-4863 is found in the open source Libwebp library and affects bro... 2023-9-19 16:14:45 | 阅读: 27 | 收藏 | Tarlogic Security - www.tarlogic.com 4863 mozilla brave opera chromium

Best practices in cybersecurity for AI 1. The complex AI threat landscape1.1. Theft, manipulation, destruction… Categorizing threats2... 2023-9-19 15:11:50 | 阅读: 3 | 收藏 | Tarlogic Security - www.tarlogic.com security threats enisa

Top 10 vulnerabilities in LLM applications such as ChatGPT 1. Prompt injections1.1. Prevention2. Insecure handling of outputs2.1. Prevention3. Poisoning... 2023-9-12 17:0:29 | 阅读: 7 | 收藏 | Tarlogic Security - www.tarlogic.com llm security generative

What are the AI security risks? 1. AI is one of the great allies of cybersecurity1.1. And AI cybersecurity2. Data, models, cyb... 2023-9-7 21:51:4 | 阅读: 1 | 收藏 | Tarlogic Security - www.tarlogic.com security artificial software development

OWASP SAMM: Assessing and Improving Enterprise Software Security OWASP SAMM is a model that helps companies assess their software security posture and implemen... 2023-8-28 19:25:50 | 阅读: 2 | 收藏 | Tarlogic Security - www.tarlogic.com security software samm maturity posture

The 4 keys to the NIST Cybersecurity Framework v2 1. Main novelties of the NIST Cybersecurity Framework v21.1. A multi-sectoral and global tool1... 2023-8-16 16:44:50 | 阅读: 5 | 收藏 | Tarlogic Security - www.tarlogic.com security governance objectives outcomes

DevSecOps: Producing software quickly, continuously, and securely 1. What is behind the DevSecOps concept?2. From DevOps to DevSecOps or how security emerged as... 2023-8-8 18:48:39 | 阅读: 3 | 收藏 | Tarlogic Security - www.tarlogic.com security software development lifecycle

CVE-2023-35082: Unauthenticated API Access Vulnerability in MobileIron Core CVE-2023-35082 is a critical vulnerability that allows access to APIs in older versions of Mobi... 2023-8-7 21:52:59 | 阅读: 27 | 收藏 | Tarlogic Security - www.tarlogic.com mobileiron 35082 ivanti security mifs

CVE-2023-35078: Remote authentication bypass in Ivanti EPMM API CVE-2023-35078 is a critical vulnerability that allows access to restricted functionality o... 2023-8-2 22:24:24 | 阅读: 11 | 收藏 | Tarlogic Security - www.tarlogic.com ivanti security epmm 35078

SSVC: How to make decisions about IT vulnerabilities 1. SSVC, qualitative data to manage IT vulnerabilities2. Decision points that mark the decisio... 2023-7-31 17:57:15 | 阅读: 6 | 收藏 | Tarlogic Security - www.tarlogic.com ssvc mission security epss

What are advanced persistent threats? 1. Deconstructing the APT concept2. How do advanced persistent threats differ from traditional... 2023-7-26 17:7:43 | 阅读: 11 | 收藏 | Tarlogic Security - www.tarlogic.com threats objectives resilience hostile

CVE-2023-3519: 0-day vulnerability exploited the wild in Citrix NetScaler On July 18, 2023, Citrix released information and updates to address a critical vulnerability (... 2023-7-21 02:9:14 | 阅读: 32 | 收藏 | Tarlogic Security - www.tarlogic.com netscaler adc fips 3519 citrix

OWASP API Security Top 10 1. APIs, a key element in the digitization of the world2. Top 10 API Security Risks2.1. Broken... 2023-7-18 15:22:4 | 阅读: 10 | 收藏 | Tarlogic Security - www.tarlogic.com security hostile prevention2

Detecting emerging vulnerabilities before they are exploited 1. Navigating an ocean of more than 200,000 vulnerabilities2. Supply chain attacks and the dom... 2023-7-10 18:12:30 | 阅读: 9 | 收藏 | Tarlogic Security - www.tarlogic.com emerging security hostile

CVE-2023-33299: Unauthenticated remote code execution vulnerability in FortiNAC On June 19, 2023, Fortiguard published the information and updates to fix a critical vulnerabil... 2023-6-30 15:19:50 | 阅读: 30 | 收藏 | Tarlogic Security - www.tarlogic.com fortinac 33299 network software security

CVSS v4: Assessing vulnerabilities to prioritize their mitigation 1. A standard that facilitates IT vulnerability management1.1. Measuring the severity level of... 2023-6-29 21:12:51 | 阅读: 5 | 收藏 | Tarlogic Security - www.tarlogic.com metric security measure assessing

MITRE ATT&CK: What tactics and techniques are cybercriminals employing? 1. Approach cybersecurity from the point of view of the bad guys2. The three MITRE ATT&CK tech... 2023-6-27 21:58:59 | 阅读: 4 | 收藏 | Tarlogic Security - www.tarlogic.com malicious tactic security network

The ins and outs of BlueTrust, a Bluetooth vulnerability 1. BIAS and KNOB1.1. BIAS1.3. KNOB1.3. Combining BIAS and KNOB2. Overcoming the challenges of... 2023-6-23 18:49:11 | 阅读: 17 | 收藏 | Tarlogic Security - www.tarlogic.com bias bluetrust lmp encryption

CVE-2023-27997: Fortinet Fortigate SSL VPN Pre-Auth RCE critical vulnerability Details have been disclosed about a critical vulnerability (CVE-2023-27997) affecting Fortinet... 2023-6-16 17:29:54 | 阅读: 45 | 收藏 | Tarlogic Security - www.tarlogic.com fortios 6k7k fortiproxy 27997 fortigate