Information Security News|Cyber Security|Hacking Tutorial

CISA recommends to patch these two Veeam flaws that can be exploited by a remote attacker who is not authenticated to execute arbitrary code

On: December 14, 2022

On Tuesday, CISA updated its catalog with five new vulnerabilities, including those that affect products made by Veeam, Fortinet, Microsoft, and Citrix. The previously existing list has been expanded toRead More →

Critical vulnerabilities affecting VMware Workspace ONE Access and Identity Manager

On: December 14, 2022

In: Vulnerabilities

VMware has patched two security flaws in VMware Workspace ONE Access and Identity Manager as of today: Authenticated Remote Code Execution Vulnerability in VMware Workspace ONE Access and Identity Manager,Read More →

Critical zero-day vulnerability (CVE-2022-27518) in Citrix ADC & Gateway exploited by state-sponsored hackers to access business networks

On: December 13, 2022

In: Vulnerabilities

Following the release of an emergency patch by Fortinet to address significant security flaws in the FortiOS SSL-VPN product. Citrix has just just issued yet another critical security update forRead More →

Deadline for Better Encryption on Payment Systems Pushed Back Two Years

PCI Security Standards Council (PCI SSC) releases PCI Secure Software Standard v1.2

On: December 13, 2022

In: Data Security

By offering industry-driven, adaptable, and efficient data security standards and programs that assist businesses in identifying, mitigating, and preventing cyberattacks and breaches, the PCI Security Standards Council (PCI SSC) isRead More →

Arbitrary code execution flaw impacts Spring Boot Admin

On: December 12, 2022

In: Vulnerabilities

You will be able to construct Spring-powered, production-ready apps and services with the very minimal amount of hassle with the assistance of Spring Boot. An administrative user interface that isRead More →

Tor Browser 12.0 released with major changes

On: December 12, 2022

In: Data Security

The most recent version of the Tor Browser is a specially packaged version of Firefox 102 ESR that automates the process of establishing a connection to the TOR network. TheRead More →

Cisco IP Phones 7800 and 8800 series have a critical vulnerability could allow remote code execution or DoS attack

On: December 9, 2022

In: Vulnerabilities

Customers were warned by Cisco on Thursday that fixes for a high-severity vulnerability that affects certain of the company’s IP phones are currently under development. The vulnerability, which is trackedRead More →

OWASP publishes Top 10 CI/CD Security Risks Guidelines

On: December 9, 2022

In: Data Security

Any contemporary software company must have environments, procedures, and systems for continuous integration and continuous delivery. They transport the code written at an engineer’s workstation to the production environment. TheRead More →

How to prevent lockouts (security tips)

On: December 9, 2022

In: Technology Talk

Sooner or later, everyone is going to find themselves locked out of their homes. The emotions doing this will create cover everything from embarrassment to fear. If you don’t wantRead More →

New JSON-Based SQL Injection attacks allow bypassing Palo Alto, F5, AWS, Cloudflare, and Imperva WAF

On: December 8, 2022

In: Data Security

Web application firewalls, also known as WAFs, are intended to protect web-based applications and application programming interfaces (APIs) from malicious HTTPS traffic coming from the outside, particularly cross-site scripting andRead More →

CISA recommends to patch these two Veeam flaws that can be exploited by a remote attacker who is not authenticated to execute arbitrary code

Critical vulnerabilities affecting VMware Workspace ONE Access and Identity Manager

Critical zero-day vulnerability (CVE-2022-27518) in Citrix ADC & Gateway exploited by state-sponsored hackers to access business networks

PCI Security Standards Council (PCI SSC) releases PCI Secure Software Standard v1.2

Arbitrary code execution flaw impacts Spring Boot Admin

Tor Browser 12.0 released with major changes

Cisco IP Phones 7800 and 8800 series have a critical vulnerability could allow remote code execution or DoS attack

OWASP publishes Top 10 CI/CD Security Risks Guidelines

How to prevent lockouts (security tips)

New JSON-Based SQL Injection attacks allow bypassing Palo Alto, F5, AWS, Cloudflare, and Imperva WAF

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Massive NVIDIA GPU Exploit Found. How Hackers Can Take Down 35% of AI Systems in Cloud!

Blast-RADIUS Attack Exploting Critical RADIUS Flaw Could Compromise Your Network

14 Million Servers Vulnerable to Critical OpenSSH Bug: Become Remote Admin with CVE-2024-6387

How Safe is Your TinyProxy? Step-by-Step Guide to Exploiting Tinyproxy’s Zero Day Vulnerability

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

How to exploit Windows Defender Antivirus to infect a device with malware

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]