Common Vulnerability Scoring System (CVSS) (Page 2)

Critical vulnerability in Flux2, a Kubernetes continuous delivery tool, enables hacking between neighboring deployments

On: May 19, 2022

A recently detected vulnerability affecting Flux, a popular continuous delivery (CD) tool for Kubernetes, would reportedly allow tenants to sabotage the activities of “neighbors” who use the same infrastructure outsideRead More →

Security researcher finds new way to exploit CVE-2022-22005, recently patched deserialization bug in Microsoft SharPoint

On: May 16, 2022

In: Vulnerabilities

In early 2022, Microsoft addressed CVE-2022-22005, a remote code execution (RCE) vulnerability that used website creation features in SharePoint, releasing a security patch. Even though the flaw had already beenRead More →

3 critical vulnerabilities in SonicWall SMA 1000 SSLVPN affect over 500k companies

On: May 16, 2022

In: Vulnerabilities

In a security alert, SonicWall has strongly urged its customers to address some security flaws in its Secure Mobile Access (SMA) Series 1000 products, as their successful exploitation would allowRead More →

CRITICAL VULNERABILITIES ALLOW HACKING MULTIPLE KONICA MINOLTA DEVICES

On: May 14, 2022

In: Vulnerabilities

Researchers from SEC Consult Vulnerability Lab reported the detection of a sandbox breakout vulnerability present in some Konica Minolta bizhub multifunctional models. Detected in late 2019, successful exploitation of thisRead More →

New tool to find vulnerabilities in the way applications like Microsoft Word and Adobe Acrobat process JavaScript: Cooperative mutation attack

On: May 13, 2022

In: Vulnerabilities

A group of researchers developed a tool capable of detecting errors in the way applications such as Adobe Acrobat or Microsoft Word process JavaScript code, which has allowed finding aRead More →

Threat actors are exploiting critical vulnerability in F5 products to destroy firewalls and network devices completely

On: May 11, 2022

In: Vulnerabilities

Cybercriminal groups have been exploiting a critical vulnerability in F5 BIG-IP solutions to erase file systems on affected devices, rendering servers completely useless. Tracked as CVE-2022-1388, successful exploitation of theRead More →

Exploitation code for CVE-2022-1388 available: Critical remote code execution vulnerability in F5 Network management tools

On: May 9, 2022

In: Vulnerabilities

A few days ago, the security teams of F5 Networks reported the correction of more than 50 vulnerabilities in various versions of BIG-IP, among which CVE-2022-1388 stands out, a criticalRead More →

Critical vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) would allow easy root access to affected servers

On: May 5, 2022

In: Vulnerabilities

In its latest security advisory Cisco announced the fix of several flaws in its NFV Infrastructure Software (NFVIS), a network virtualization solution for virtual network function (VNF) management. Two ofRead More →

17 critical vulnerabilities affect 16,000 F5 BIG-IP security products

On: May 5, 2022

In: Vulnerabilities

A report by F5 Networks points to the detection of a critical vulnerability that would allow threat actors with access to an exposed network to execute arbitrary commands, deploy fileRead More →

Vulnerability in OWASP’s Enterprise Security API: Patch immediately

On: May 4, 2022

In: Vulnerabilities

The Open Web Application Security Project (OWASP) announced the fixing of a critical vulnerability in its Enterprise Security API (ESAPI) whose exploitation could have allowed threat actors to run pathRead More →

Common Vulnerability Scoring System (CVSS) (Page 2)

Security researcher finds new way to exploit CVE-2022-22005, recently patched deserialization bug in Microsoft SharPoint

3 critical vulnerabilities in SonicWall SMA 1000 SSLVPN affect over 500k companies

CRITICAL VULNERABILITIES ALLOW HACKING MULTIPLE KONICA MINOLTA DEVICES

New tool to find vulnerabilities in the way applications like Microsoft Word and Adobe Acrobat process JavaScript: Cooperative mutation attack

Threat actors are exploiting critical vulnerability in F5 products to destroy firewalls and network devices completely

Exploitation code for CVE-2022-1388 available: Critical remote code execution vulnerability in F5 Network management tools

Critical vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) would allow easy root access to affected servers

17 critical vulnerabilities affect 16,000 F5 BIG-IP security products

Vulnerability in OWASP’s Enterprise Security API: Patch immediately

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Massive NVIDIA GPU Exploit Found. How Hackers Can Take Down 35% of AI Systems in Cloud!

Blast-RADIUS Attack Exploting Critical RADIUS Flaw Could Compromise Your Network

14 Million Servers Vulnerable to Critical OpenSSH Bug: Become Remote Admin with CVE-2024-6387

How Safe is Your TinyProxy? Step-by-Step Guide to Exploiting Tinyproxy’s Zero Day Vulnerability

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

How to exploit Windows Defender Antivirus to infect a device with malware

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]