Detectify security updates for 10 January
For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from…
Month: May 2023
Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices
May 03, 2023Ravie LakshmananSurveillance / Vulnerability Threat actors are actively exploiting an unpatched five-year-old flaw impacting TBK digital video recording (DVR) devices, according to an…
HackerOne is Excited to Launch Triage Ratings for Customers and Hackers
For customers and hackers, the triage experience is central to hacker-powered security. Our triagers consist of a globally distributed team of security analysts that triage…
What is server side request forgery (SSRF)?
Update: SSRF has been nominated in the new OWASP Top 10 of 2021. The list is currently pending peer reviews, but it would not be…
T-Mobile Hacked – Attackers Accessed Over 37M Sensitive Data
T-Mobile recently confirmed another hack, the second this year and ninth since 2018, revealing customer data and account PINs. While T-Mobile confirmed a recent system…
FBI seizes 9 cryptocurrency exchange websites supporting cyber criminals and ransomware spread
FBI officials have released an official statement that they have seized the servers operating in United States, Ukraine and France linked to about 9 cryptocurrency…
CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units
May 03, 2023Ravie LakshmananICS/SCADA Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical…
AvosLocker Claims Bluefield University Ransomware Attack
AvosLocker ransomware group has claimed the Bluefield University ransomware attack, hijacking the university’s mass alert system to display its own messages. According to a statement…
‘BouldSpy’ Malware Used by Iranian Government for Surveillance
New Android spyware, BouldSpy detected recently by Lookout Threat Lab, linked with moderate certainty to Iran’s Law Enforcement Command of the Islamic Republic of Iran.…
Who are Cyber Swindlers – Cybersecurity Insiders
Cyber swindlers, also known as cyber fraudsters, are individuals or groups who use the internet and technology to commit fraud or deception for financial gain.…
Malicious content lurks all over the web
Attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware, according to Netskope.…
US Government Mandates Vulnerability Disclosure for IoT
This year has seen a rapid acceleration in the American government’s efforts to secure federal and state cyber infrastructure. This momentum has continued with the…