Recent Critical Vulnerabilities: August 2024 CVE Roundup

Protecting Organizations with Up-to-Date CVE Awareness: Reports from the National Institute of Standards and Technology (NIST) through its National Vulnerability Database (NVD) highlight critical cybersecurity vulnerabilities that demand immediate attention and underscore ...

Miggo Uncovers AWS Load Balancer Security Flaw

Miggo has discovered a configuration-based vulnerability that enables cybercriminals to bypass authentication and authorization services provided by the Application Load Balancer (ALB) from Amazon Web Services (AWS) that could affect more than ...
Security Boulevard

CVE-2024-38178 Vulnerability within Microsoft Edge

High threat level vulnerability CVE-2024-38178 discovered on Microsoft Edge browser: OFFICIAL CVE-2024-38178 PATCHING INFORMATION: A recent discovery has unveiled CVE-2024-38178, a critical vulnerability within Microsoft Windows, which impacts Internet Explorer ...

Recent Vulnerabilities in Cybersecurity: July 2024 CVE Roundup

Recent cybersecurity vulnerabilities reported on the National Institute of Standards and Technology (NIST)’s National Vulnerability Database pose significant risks to organizations worldwide. Without mitigation, data breaches and system compromises are possible. July’s ...

Npm packages conceal macOS malware in ‘travis.yml’ files, drop bogus “Safari Updates”

Three npm packages identified by Sonatype this week conceal malware in "travis.yml," a CI/CD build configuration file used by Travis CI. These packages contain metadata, description, and code copied from the legitimate ...

Networking Equipment Riddled With Software Supply Chain Risks

Outdated software components often contain vulnerabilities that have been discovered and are well-understood by threat actors ...
Facial Recognition Fail: How It Misidentified an Innocent Man

Critical SSH Vulnerability, Facial Recognition Flaws, How to Safely Dispose of Old Devices

In episode 337, we cover “broken” news about the new SSH vulnerability ‘regreSSHion’, highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications. We then discuss the Detroit Police ...

OpenSSH regreSSHion Vulnerability

…and… How AI Can Revolutionize Code and Regression Testing. Introduction: Artificial Intelligence (AI) is transforming numerous industries, and software development is no exception. One of the critical areas where AI can make a ...

Ransomware Group Jumps on PHP Vulnerability

A long-running ransomware campaign that has been targeting Windows and Linux systems since 2019 is the latest example of how closely threat groups track public disclosures of vulnerabilities and proofs-of-concept (PoCs) and ...