#BHUSA: DARPA Challenges AI Pros to Safeguard US Infrastructure
“I’m going to do something I’ve never done before.” Those were Jeff Moss’s words during his August 9 opening speech...
Potent Trojans Targeting MacOS Users
Threat actors are becoming more efficient at targeting Mac users through MacOS tailored malware, according to Bitdefender’s macOS Threat Landscape...
#BHUSA: Only 22% of Firms Have Mature Threat Intelligence Programs
Only 22% of organizations have achieved a fully matured threat intelligence program, revealed a new report by cybersecurity solutions provider...
#BHUSA: US National Security Agency Announces Codebreaker Challenge Theme
US coastguards discovered an unknown signal 30 miles outside the continental United States. The US National Security Agency (NSA) is...
APT31 Linked to Recent Industrial Attacks in Eastern Europe
The threat actor APT31 (AKA Judgment Panda and Zirconium) has been linked to recent industrial attacks in eastern Europe, according...
New York Introduces First-Ever Statewide Cybersecurity Strategy
Governor Kathy Hochul has introduced New York's first-ever statewide cybersecurity strategy, reinforced by a $600m commitment. The strategy emerges as a...
#BHUSA: White House, DARPA and CISA Ask for Help in Securing Open Source Software
“When I worked on a report from the US Cyber Safety Review Board about the Log4j vulnerability, I was stunned...
Rightbiz – 65,376 breached accounts
HIBP In June 2023, data belonging to the "UK's No.1 Business Marketplace" Rightbiz appeared on a popular hacking forum. Comprising...
CISA: CISA Releases its Cybersecurity Strategic Plan
CISA Releases its Cybersecurity Strategic Plan Today, CISA released a strategic plan to lay out how we will fulfill our...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These...
CISA: Microsoft Releases August 2023 Security Updates
Microsoft Releases August 2023 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...
CISA: CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022
CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 The U.S. Cybersecurity and...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Fortinet Releases Security Update for FortiOS
Fortinet Releases Security Update for FortiOS Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address multiple vulnerabilities in Adobe software. An...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on August 10, 2023. These...
US-CERT Vulnerability Summary for the Week of July 31, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoyunyecms -- yunyecmsSQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to...
HackerOne Bug Bounty Disclosure: b-improper-restriction-of-excessive-authentication-attempts-on-webdav-endpoint-b-unknownsh
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'unknownsh'Link to Submitters Profile:https://hackerone.com/b'unknownsh' Report Title:b'Improper restriction of excessive authentication attempts on...
HackerOne Bug Bounty Disclosure: b-new-apppassword-can-be-generated-without-password-confirmation-b-mikaelgundersen
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'mikaelgundersen'Link to Submitters Profile:https://hackerone.com/b'mikaelgundersen' Report Title:b'New AppPassword can be generated without password...
HackerOne Bug Bounty Disclosure: b-missing-brute-force-protection-on-oauth-api-controller-b-mikaelgundersen
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'mikaelgundersen'Link to Submitters Profile:https://hackerone.com/b'mikaelgundersen' Report Title:b'Missing brute force protection on OAuth2 API...
HackerOne Bug Bounty Disclosure: b-any-non-admin-user-from-an-instance-can-destroy-any-user-and-or-global-external-filesystem-b-cult
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'cult'Link to Submitters Profile:https://hackerone.com/b'cult' Report Title:b'Any (non-admin) user from an instance can...
HackerOne Bug Bounty Disclosure: b-notes-attachments-render-html-in-preview-mode-b-tareq
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'tareq4'Link to Submitters Profile:https://hackerone.com/b'tareq4' Report Title:b'Notes attachments render HTML in preview mode'Report...
