MITRE and CISA Release OT Attack Emulation Tool
A new open source tool designed to emulate cyber-attacks against operational technology (OT) has been released by MITRE and the...
Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility
Ukraine’s Computer Emergency Response Team (CERT-UA) issued an alert on September 5, 2023, about a cyber-attack attempted by Russian threat...
High-Severity Vulnerability Discovered in Popular CMS
A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites...
Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign
Researchers are warning of a major global investment fraud campaign that uses social media advertising to lure unwitting victims into...
UK Government Backs Down on Anti-Encryption Stance
The UK government appears to have pulled back on a controversial clause in its forthcoming Online Safety Bill that would...
Chinese Hacker Steals Microsoft Signing Key, Spies on US Government
A China-based threat actor gained access to a Microsoft account (MSA) cryptographic key, as early as 2021, and used it...
IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary
Sensitive patient data may have been accessed following a breach of the Janssen CarePath platform, a subsidiary of pharmaceutical giant...
DGA Behavior Shifts Raise Cybersecurity Concerns
Researchers at Akamai have unearthed a concerning shift in the behavior of dynamically seeded Domain Generation Algorithm (DGA) families within...
UK and US Sanction 11 Russians Tied to Trickbot/Conti Ransomware
The US and the UK have sanctioned 11 individuals accused of being linked with the Trickbot malware and the Conti...
Zero-Day Flaw Exposes Atlas VPN User IPs
A Reddit user known as “Educational-Map-8145” has exposed a critical zero-day flaw affecting the Linux client of Atlas VPN, a popular...
API Vulnerabilities: 74% of Organizations Report Multiple Breaches
API security company Traceable has unveiled its 2023 State of API Security Report. In collaboration with the Ponemon Institute, the...
CISA: CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware
CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware Today, the United Kingdom’s National Cyber Security...
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on August 31, 2023. These...
CISA: VMware Releases Security Update for Tools
VMware Releases Security Update for Tools VMware has released a security update to address a vulnerability in VMware Tools. A...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These...
CISA: CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 Today, CISA, Federal Bureau of...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on September 7, 2023. These...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories to address vulnerabilities affecting multiple Cisco products. A...
CISA: CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack
CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack CISA has released actionable guidance for Federal Civilian...
CISA: CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells The Cybersecurity and Infrastructure Security Agency (CISA) has...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
DorXNG – Next Generation DorX. Built By Dorks, For Dorks
DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On...
HackerOne Bug Bounty Disclosure: b-ability-to-bypass-admin-override-on-cloudflare-warp-android-b-callmed
Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'callmed0_4'Link to Submitters Profile:https://hackerone.com/b'callmed0_4' Report Title:b'Ability to bypass Admin...
