H2C Smuggling Attack

H2C Smuggling Attack

A novel alternative to traditional HTTP request smuggling that spotlighted an obsolete, hitherto obscure protocol has been recognized as 2020’s top web hacking technique.HTTP/2 cleartext (H2C) smuggling abuses H2C-unware front-ends to create…
Malicious Amazon Alexa Vetting

Malicious Amazon Alexa Vetting

Amazon's skill vetting process for the Alexa voice assistant ecosystem that could allow a malicious actor to publish a deceptive skill under any arbitrary developer name and even make backend…
Threat Needle Malware
Posted incloudsecurity

Threat Needle Malware

A prolific North Korean state-sponsored hacking group aka Lazarus has been tied to a new ongoing espionage campaign aimed at exfiltrating sensitive information from organizations in the defense industry leveraging…