GraphQL API authorization vulnerability found in large B2B financial technology platform

Cybersecurity firm Salt Labs discovered a GraphQL API authorization vulnerability in a large B2B financial technology platform that would give attackers the ability to submit unauthorized transactions against customer accounts…

Compromise assessment or threat hunting? What do organizations need?

Organizations worldwide are undergoing rapid digitization to keep up with the fast-paced world we live in today. While it is a good initiative, cloud computing and remote work setup have…

Panasonic’s Data Breach Leaves Open Questions

Cyberattackers had unfettered access to the technology giant’s file server for four months. Consumer electronics giant Panasonic’s data breach raises questions, researchers say – given that more than two weeks…

Researchers Flag 300K Banking Trojan Infections from Google Play in 4 Months

Attackers are honing Google Play dropper campaigns, overcoming app store restrictions. Overcoming Google Play app restrictions, attackers have successfully racked up more than 300,000 banking trojan installations over just the…

Data Breach at Panasonic

Data Breach at Panasonic The Panasonic Corporation has disclosed a data security incident in which an undisclosed amount of data was compromised. In a statement issued Friday, the major Japanese multinational conglomerate announced that…

Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Maker

Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company’s woes.…

6M Sky Routers Left Exposed to Attack for Nearly 1.5 Years

Pen Test Partners didn’t disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm. Sky,…

Man Charged with Impersonating Female Minnesota Student Online

Man Charged with Impersonating Female Minnesota Student Online A man from the People’s Republic of China has been charged in connection with the cyberstalking of a female college student in…

Learn Subscriptions: Course Structure and New Courses

With the Offsec Training Library (OTL) being a growing platform for continuous cybersecurity workforce development, we remain committed to delivering new content and expanding into new areas (dare we say,…