Frontline Security Practitioners Reveal the Latest About AI
Mark your calendar for mWISE™, the uniquely targeted, community-focused cybersecurity conference from Mandiant. It runs from September 18–20, 2023 in...
Meet NoEscape: Avaddon ransomware gang’s likely successor
The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and...
Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators,...
Critical ColdFusion flaws exploited in attacks to drop webshells
Update 7/17/23: The article was updated due to a mistaken warning added by Adobe to its email notification. However, a...
IT worker jailed for impersonating ransomware gang to extort employer
28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail...
Police arrests Ukrainian scareware developer after 10-year hunt
The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from...
CISA shares free tools to help secure data in the cloud
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared a factsheet providing details on free tools and guidance for...
Ukraine’s CERT-UA Exposes Gamaredon’s Rapid Data Theft Methods
The Ukrainian government's Computer Emergency Response Team (CERT-UA) has recently unveiled the rapid data theft methods of the APT known...
BreachForums Admin Pleads Guilty to Hacking Charges
Conor Brian Fitzpatrick, famously known as "Pompompurin," has entered a guilty plea for hacking charges in the United States District...
Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting
Attackers have been observed using the notorious Sorillus remote access trojan (RAT) and phishing attacks to exploit Google Firebase Hosting infrastructure.The...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Critical Industrial Control Systems (ICS) advisory on July 12, 2023....
CISA: Mozilla Releases Security Update for Firefox and Firefox ESR
Mozilla Releases Security Update for Firefox and Firefox ESR Mozilla has released a security update to address a vulnerability in...
CISA: Juniper Releases Multiple Security Updates for Juno OS
Juniper Releases Multiple Security Updates for Juno OS Juniper has released updates to address multiple vulnerabilities in Juno OS(link is...
CISA: CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online The Cybersecurity and Infrastructure...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on July 13, 2023. These...
CISA: CISA Develops Factsheet for Free Tools for Cloud Environments
CISA Develops Factsheet for Free Tools for Cloud Environments CISA has developed and published a factsheet, Free Tools for Cloud...
CISA: NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing
NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing Today, the National Security Agency (NSA) and CISA published...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Cisco Releases Security Update for SD-WAN vManage API
Cisco Releases Security Update for SD-WAN vManage API Cisco has released a security update to address a critical vulnerability affecting...
CISA: CISA Adds Two Known Vulnerabilities to Catalog
CISA Adds Two Known Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
CISA: NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing
NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing Today, the National Security Agency (NSA) and CISA published...
HackerOne Bug Bounty Disclosure: an-idor-that-can-lead-to-enumeration-of-a-user-and-disclosure-of-email-and-phone-number-within-cashier-miquinho
Company Name: Unikrn Company HackerOne URL: https://hackerone.com/unikrn Submitted By:miquinhoLink to Submitters Profile:https://hackerone.com/miquinho Report Title:An IDOR that can lead to enumeration...
HackerOne Bug Bounty Disclosure: subscription-check-bypass-of-nordvpn-service-tlsh
Company Name: Nord Security Company HackerOne URL: https://hackerone.com/nordsecurity Submitted By:tlsh1Link to Submitters Profile:https://hackerone.com/tlsh1 Report Title:Subscription check bypass of NordVPN serviceReport...
