Get a demo

Roku experiences another data breach; Apple notifies users about mercenary spyware attacks

It’s rare to see a data breach study observers call a “mixed bag.” Normally, reports on data breaches are grim, touting how each year was a record high for the number of ...

Linux Backdoor Infection Scare, Massive Social Security Number Heist

In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained ...

Backdoor in XZ Utils That Almost Happened

Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s ...

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

The US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails ...

XZ Utils Backdoor

The cybersecurity world got really lucky last week. An intentionally placed backdoor in XZ Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have ...

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security ...

A Taxonomy of Prompt Injection Attacks

Researchers ran a global prompt hacking competition, and have documented the results in a paper that both gives a lot of good examples and tries to organize a taxonomy of effective prompt ...

Stopping Credential Stuffing Attacks: We Need to Do Better

Do you know what 23andMe, Jason's Deli, North Face, and Hot Topic have in common? They've all been breached by successful credential stuffing attacks in the last year!  An attack type that ...
Employee Spotlight – Stefan Dumitrascu

Employee Spotlight – Stefan Dumitrascu

We spoke to Chief Technology Officer, Stefan Dumitrascu For this month’s employee spotlight piece, we spoke to Chief Technology Officer, Stefan Dumitrascu. How long have you been working at SE Labs? I’ve ...