Eric Forte

Cups Overflow: When your printer spills more than Ink

Elastic Security Labs discusses detection and mitigation strategies for vulnerabilities in the CUPS printing system, which allow unauthenticated attackers to exploit the system via IPP and mDNS, resulting in remote code execution (RCE) on UNIX-based systems such as Linux, macOS, BSDs, ChromeOS, and Solaris.

Storm on the Horizon: Inside the AJCloud IoT Ecosystem

Wi-Fi cameras are popular due to their affordability and convenience but often have security vulnerabilities that can be exploited.

Now in beta: New Detection as Code capabilities

Google Cloud for Cyber Data Analytics

This article explains how we conduct comprehensive cyber threat data analysis using Google Cloud, from data extraction and preprocessing to trend analysis and presentation. It emphasizes the value of BigQuery, Python, and Google Sheets - showcasing how to refine and visualize data for insightful cybersecurity analysis.

Streamlining ES|QL Query and Rule Validation: Integrating with GitHub CI

ES|QL is Elastic's new piped query language. Taking full advantage of this new feature, Elastic Security Labs walks through how to run validation of ES|QL rules for the Detection Engine.