CVE Alert: CVE-2024-7139
Vulnerability Summary: CVE-2024-7139 Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This...
CVE Alert: CVE-2024-12729
Vulnerability Summary: CVE-2024-12729 A post-auth code injection vulnerability in the User Portal allows authenticated users to execute code remotely in...
CVE Alert: CVE-2024-12700
Vulnerability Summary: CVE-2024-12700 There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged)...
CVE Alert: CVE-2024-12727
Vulnerability Summary: CVE-2024-12727 A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0...
CVE Alert: CVE-2024-54009
Vulnerability Summary: CVE-2024-54009 Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could...
CVE Alert: CVE-2024-12728
Vulnerability Summary: CVE-2024-12728 A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version...
Unlocking the Power of Virtual Private Networks
In today's digital world, privacy and security are paramount. Virtual Private Networks (VPNs) have emerged as a vital tool for...
Interpol Urges an End to ‘Pig Butchering’ Terminology in Cybercrime Awareness
Interpol is urging industry experts to reconsider the term 'pig butchering,' emphasizing the need for a more empathetic language that...
EPSS Vulnerability Assessment Tool Vulnerable to Adversarial Attack
The EPSS, a key framework for vulnerability assessment, faces new risks as demonstrated by Morphisec's proof-of-concept showing susceptibility to AI-driven...
AI Training with Personal Data: New EU Guidelines and Implications
The EU has clarified its stance on using personal data for AI training, stating it may not breach GDPR if...
Recorded Future CEO Considers Russia’s ‘Undesirable’ Label a Compliment
In a notable declaration, the cybersecurity firm Recorded Future has been marked as 'undesirable' by the Russian Federation, a classification...
North Korean Hackers Steal $2.2 Billion from Crypto Platforms in 2024
In a staggering report by Chainalysis, North Korean hackers have been identified as the leading threat actors behind the theft...
Critical Threat: New Malware Targets Engineering Processes in ICS Environments
In today's digital landscape, the rise of sophisticated cybersecurity threats, particularly new malware that targets engineering processes within Industrial Control...
Kaspersky Products Still Used by US Organizations Despite Ban
Kaspersky products continue to be utilized by US organizations, even amidst a government ban, highlighting a pressing concern over technology...
BitView – 63,127 breached accounts
HIBP In December 2024, the video sharing Community BitView suffered a data breach that exposed 63k customer records. Attributed to...
Young Living Essential Oils – 1,128,951 breached accounts
HIBP In December 2024, data claimed to be breached from the multi-level marketing company Young Living Essential Oils was posted...
schenkYOU – 237,349 breached accounts
HIBP In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular...
CISA: CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization
CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization Today, CISA released Enhancing Cyber Resilience:...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These...
CISA: CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers
CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers Today, CISA—in partnership with...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These...
CISA: Cisco Releases Security Updates for NX-OS Software
Cisco Releases Security Updates for NX-OS Software Cisco released security updates to address a vulnerability in Cisco NX-OS software. A...
