Blog

Thousands of Unsecured Kubernetes Clusters Exposed on the Internet — Wave 9

Thousands of Unsecured Kubernetes Clusters Exposed on the Internet — Wave 9

Wave 9 of Project Resonance was conducted to determine the security posture of the exposed Kubernetes clusters around the internet.…
The Current State of Security, Privacy and Attack Surface on Android: Scanning Apps for Secrets and More – Wave 8

The Current State of Security, Privacy and Attack Surface on Android: Scanning Apps for Secrets and More – Wave 8

Our research shows that secret leakage is still an issue developers must be addressed with secure development practices. We recommend…
Millions of Secrets Exposed via Web Application Frontends - Wave 7

Millions of Secrets Exposed via Web Application Frontends – Wave 7

Web applications are the cornerstone of anything on the publicly accessible internet. Due to the complexities of the software development…
Octopii - An open-source, PII (Personally Identifiable Information) Scanner for Images

Octopii – An open-source, PII (Personally Identifiable Information) Scanner for Images

Say Hi to Octopii, an AI-powered Personal Identifiable Information scanner that uses Tesseract's Optical Character Recognition (OCR) and a MobileNet…
Things You Should Know About the Spring4Shell Vulnerability (CVE-2022-22965)

Things You Should Know About the Spring4Shell Vulnerability (CVE-2022-22965)

The Spring4Shell (CVE-2022-22963) is a RCE vulnerability in the Spring framework affecting JDK versions >= 9. We analyse the vulnerability…
Making Sense of the Dirty Pipe Vulnerability (CVE-2022-0847)

Making Sense of the Dirty Pipe Vulnerability (CVE-2022-0847)

CVE-2022-0847 dubbed the "Dirty Pipe", is a privilege escalation vulnerability in the Linux Kernel. We demonstrate the vulnerability and analyze…
Untracked Assets and their Risks - Discussion with Cybernews

Untracked Assets and their Risks – Discussion with Cybernews

Nowadays, securing and managing a company’s digital footprint has become an even more difficult challenge. With so many subdomains, code…
Internet-Wide Study: State of SPF, DKIM, and DMARC (Wave 6)

Internet-Wide Study: State of SPF, DKIM, and DMARC (Wave 6)

At RedHunt Labs, (under Project Resonance), we frequently conduct internet-wide research in different shapes and formats to understand the state…