Cybercrime & Digital Threats

In the latest installment of our ongoing series where we identify and investigate security flaws in Azure Machine Learning (AML), we explore how cybercriminals could manage to covertly gain persistence in AML workspaces.

This article focuses on the Apache APISIX API gateway and its security implications.

In this article, we dive into API gateway functions and risks, the advantages of API gateways in hybrid and multi-cloud environments, and common API security risks and best practices.

VicOne’s annual cyberthreat landscape report gives an idea of the coming reality of cyberthreats to modern cars. A chief concern is the vulnerabilities that could spell new risks to the connected vehicle ecosystem.

We examine the automotive data ecosystem and take a closer look at privacy and security concerns arising from how data is generated, consumed, and transmitted by connected vehicles.

In today’s rapidly evolving digital landscape, the risk of personal and professional data being stolen by nefarious actors looms larger than ever. This report lays bare the stark reality of this threat, with a specific focus on the unequal risks associated with data theft and its subsequent misuse.

In our previous entry, we examined how credentials were being stored and logged in cleartext on compute instances (CIs) created in Azure Machine Learning (AML) service and the risks posed by the same. This article examines an information disclosure bug we found in one of the cloud agents used in the AML service and sheds light on the importance of threat modeling the agents’ features to uncover silent and hidden attack surfaces.

We summarize the cybercriminal trends surrounding the Linux threat landscape last year, and what security teams and organizations can do to mitigate the risks and defend against attacks.

We probed the Azure Machine Learning (AML) service to identify security flaws and vulnerabilities and shed light on the unseen aspects of silent threats in managed services like AML.