NO. 359 | WhatsLeak, CCTV Ban, Meta Threats
Exploring the intersection of security, technology, and society—and what might be coming next… Standard Web Edition | November 28, 2022 SECURITY NEWS There appears to…
Month: April 2023
How to code a satellite algorithm and cook paella from scratch
A guide to expertly tackling seemingly complicated problems that you’d rather never tackle in the first place. What if I told you that by the…
HackerOne’s In-Depth Approach to Vulnerability Triage and Validation
Like triaging in a hospital emergency room, security issues must be diagnosed and handled by an expert as soon as they arrive. But it doesn’t…
Too Good To Be True? That Could Be An Identity Theft Scam
Identity theft continues to be a major cause of concern as hackers are finding new ways to exploit the information. Over the years, identity theft…
Top 5 high severity CVEs detected by Detectify since June 2020
We’re going to highlight the Top high severity CVEs found by Detectify. Thanks to the Crowdsource global community of handpicked ethical hackers, Detectify users get…
Napkin Ideas Around What Changes to Expect Post-ChatGPT
If you’re reading this you already know the internet is on fire over the new GPTChatBot from OpenAI. There are people using it to create…
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
Apr 22, 2023Ravie LakshmananPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited…
Batch renaming images, including image resolution, with awk
How to batch rename images with custom values using file, awk, and rename – in rainbow colors! The most recent item on my list of…
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached…
Critical Flaws in Alibaba postgreSQL let Attackers Access Data
Two new critical flaws have been found in Alibaba Cloud’s popular services, ApsaraDB and AnalyticDB. Both of them were in support of PostgreSQL. Wiz security…
Will Cybercrime Erupt With Baphomet Returning To Telegram?
After the arrest of the former admin of the BreachForums, Pompompurin, the succeeding administrator Baphomet has gotten into a game of peekaboo on the dark…
The Most Overlooked Server Permission Checks
We previously looked at common server authentication issues we see in code review and offered tips to avoid them. If you followed these suggestions, you should have…