Jon Fuller | Atvik Security

Yawave WordPress Plugin – Unauthenticated SQL Injection in versions <= 2.9.1

Last year, Atvik Security was performing security reviews on various WordPress plugins. WordPress plugins’ source code is freely available, and can be found in the “Development” tab when viewing a WordPress plugin. When reviewing the Yawave wordpress plugin we found a completely unauthenticated SQL injection vulnerability. At the time of writing, the source code is […]

Yawave WordPress Plugin – Unauthenticated SQL Injection in versions <= 2.9.1 Read More »

CUPS Vulnerability: What You Need to Know

cups, research / By Jon Fuller

The CUPS Conundrum: A Perfect Storm of Vulnerabilities Picture this: four seemingly innocuous vulnerabilities that, when chained together, create a perfect storm for remote code execution on Linux and Unix systems. That’s exactly what we’re facing with the latest CUPS vulnerability. These vulnerabilities, identified as CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, affect various components of the

CUPS Vulnerability: What You Need to Know Read More »

Running a local LLM / AI (Ollama)

Uncategorized / By Jon Fuller

I’ve recently dove headfirst into running LLMs on my local hardware, and I wanted to share what I’ve learned and how I’ve set it up so others that want to do the same thing, may. If you’re on a Windows Desktop machine, and you just want to interact with LLMs on your desktop, then skip

Running a local LLM / AI (Ollama) Read More »

Safeguarding Against LLM Prompt Injection: A Cybersecurity Imperative

Uncategorized / By Jon Fuller

In the rapidly evolving landscape of cybersecurity, the rise of Large Language Models (LLMs) like OpenAI’s GPT series has presented both revolutionary opportunities and new vulnerabilities. Among these, LLM prompt injection emerges as a sophisticated threat vector that demands our attention. At Atvik Security, we’re committed to not just navigating these challenges, but also empowering

Safeguarding Against LLM Prompt Injection: A Cybersecurity Imperative Read More »

Kubernetes Security: A Thorough Guide for Safeguarding Your Cloud-Native Workloads

Kubernetes, the widely-adopted open-source platform for managing containerized applications, has gained immense popularity for its scalability, flexibility, and robustness. However, as Kubernetes’ use grows, so too does its attack surface, making security a pivotal concern. This article delves into the various aspects of Kubernetes security, offering a comprehensive guide to protect your cloud-native workloads effectively.

Kubernetes Security: A Thorough Guide for Safeguarding Your Cloud-Native Workloads Read More »

Unveiling the Most Common AWS Security Misconfigurations: A Comprehensive Guide

Uncategorized / By Jon Fuller

Amazon Web Services (AWS) is a leading player in the arena of cloud computing, serving as the backbone for numerous organizations worldwide. While AWS provides a robust and secure infrastructure, it’s the responsibility of businesses to ensure their data and applications hosted on AWS are shielded against potential threats. When it comes to cloud security,

Unveiling the Most Common AWS Security Misconfigurations: A Comprehensive Guide Read More »

Author name: Jon Fuller

Yawave WordPress Plugin – Unauthenticated SQL Injection in versions <= 2.9.1

CUPS Vulnerability: What You Need to Know

Running a local LLM / AI (Ollama)

Safeguarding Against LLM Prompt Injection: A Cybersecurity Imperative

Kubernetes Security: A Thorough Guide for Safeguarding Your Cloud-Native Workloads

Unveiling the Most Common AWS Security Misconfigurations: A Comprehensive Guide

Start typing and press enter to search