Vendor Email Attacks Surged by 137% in Financial Sector in 2023
The global financial services industry has witnessed a 137% increase in Vendor Email Compromise (VEC) attacks over the last year,...
AI, Gaming, FinTech Named Major Cybersecurity Threats For Kids
The heightened utilization of AI tools and potential vulnerabilities in gaming have been identified as crucial cybersecurity concerns for children...
75% of Organizations Hit by Ransomware in 2023
Three-quarters (75%) of organizations suffered at least one ransomware attack last year, according to Veeam’s Data Protection Trends Report 2024.The...
OpenAI Announces Plans to Combat Misinformation Amid 2024 Elections
With elections expected to occur in over 50 countries in 2024, the misinformation threat will be top of mind.OpenAI, the...
Naz.API – 70,840,771 breached accounts
HIBP In September 2023, over 100GB of stealer logs and credential stuffing lists titled "Naz.API" was posted to a popular...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on January 11, 2024. These...
CISA: Cisco Releases Security Advisory for Cisco Unity Connection
Cisco Releases Security Advisory for Cisco Unity Connection Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco...
CISA: Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved
Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved Juniper Networks has released a security advisory to address...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways
Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways Ivanti has released a security update to address an...
CISA: CISA and FBI Release Known IOCs Associated with Androxgh0st Malware
CISA and FBI Release Known IOCs Associated with Androxgh0st Malware Today, CISA and the Federal Bureau of Investigation (FBI) released...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on January 16, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: VMware Releases Security Advisory for Aria Operations
VMware Releases Security Advisory for Aria Operations VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations....
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of January 8, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
pyGPOAbuse – Partial Python Implementation Of SharpGPOAbuse
Python partial implementation of SharpGPOAbuse by@pkb1s This tool can be used when a controlled account can modify an existing GPO...
HackerOne Bug Bounty Disclosure: b-bypass-password-confirmation-via-context-dependent-access-control-cdca-b-st-nzyy
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'st0nzyy'Link to Submitters Profile:https://hackerone.com/b'st0nzyy' Report Title:b' Bypass password confirmation via Context-dependent access...
HackerOne Bug Bounty Disclosure: b-error-when-editing-a-calendar-appointment-returns-stacktrace-and-query-b-st-nzyy
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'st0nzyy'Link to Submitters Profile:https://hackerone.com/b'st0nzyy' Report Title:b'Error when editing a calendar appointment returns...
HackerOne Bug Bounty Disclosure: b-h-oberlo-least-privileged-user-can-cancel-account-owner-s-subscription-via-post-on-payments-subscribe-b-archangel
Company Name: b'Shopify' Company HackerOne URL: https://hackerone.com/shopify Submitted By:b'archangel'Link to Submitters Profile:https://hackerone.com/b'archangel' Report Title:b" Least privileged user can cancel account...
HackerOne Bug Bounty Disclosure: b-bruteforce-protection-in-password-verification-can-be-bypassed-b-taise
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'taise'Link to Submitters Profile:https://hackerone.com/b'taise' Report Title:b'Bruteforce protection in password verification can be...
Critical Vulnerabilities in Siemens Products
Siemens has released security updates addressing critical vulnerabilities (CVE-2023-51438 and CVE-2023-49621) in their SIMATIC IPC and SIMATIC NC 4100 products. The...
Active Exploitation of Critical Vulnerability in VMware’s Aria Automation
VMware has released security updates addressing a critical vulnerability (CVE-2023-34063) in VMware Aria Automation. The vulnerability has a Common Vulnerability...
Active Exploitation of Zero-Day Vulnerability in Citrix’s Netscaler ADC and Gateway Products
Citrix has released security updates addressing a zero-day vulnerability (CVE-2023-6549) in their Netscaler ADC and Gateway products. The vulnerability is...
