Cybersecurity Outlook 2025: A Year Of Change
As organizations grow more dependent on technology, the risks associated with cyber attacks, data breaches, and system disruptions continue to intensify. The World Economic Forum’s…
Month: January 2025
Italy’s Data Protection Authority Garante requested information from Deepseek
Italy’s Data Protection Authority Garante requested information from Deepseek Pierluigi Paganini January 30, 2025 Italy’s data privacy regulator Garante has requested information from Chinese AI…
Investing in the security researcher community for shared success
Our researcher community is the beating heart of our bug bounty platform, identifying hard-to-find vulnerabilities and improving security for our customers. Investing in this community…
GUEST BLOG: Vulnerability Disclosure Adoption In The Consumer IoT space Is Lagging, But What About Elsewhere?
There is a lot of focus, rightly so, on the consumer IoT space. We have had a lot of incidents in the past few years…
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
Jan 30, 2025Ravie LakshmananVulnerability / IoT Security A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting…
TeamViewer Windows App Let Attackers Escalate Privileges to System User
A critical security vulnerability has been identified in TeamViewer Clients for Windows, allowing attackers with local access to escalate their privileges to the system level. …
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
Jan 30, 2025Ravie LakshmananWeb Security / Vulnerability Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an…
Apple’s Big AI Jump | Daniel Miessler
How Apple will go from the worst AI to the best Apple’s about to go from having the worst AI implementation to having the best.…
GUEST BLOG: Governments Across The World Are Mandating Vulnerability Disclosure So Why Are Companies Sitting On Their Hands?
The IoT Security Foundation’s fifth annual report into the state of vulnerability disclosure consumer Internet of Things, produced by Copper Horse and supported by HackerOne,…
Google’s Subdomain ‘g.co’ Hacked – Hackers Gain Google Account Access Over Phone Call
Cybercriminals recently exploited Google’s g.co subdomain to carry out a meticulously crafted scam over a vishing call. The incident was chronicled by Zach Latta, founder…
ExtensionHound: Open-source tool for Chrome extension DNS forensics
Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound…
Threat Actors Exploit Government Website Vulnerabilities For Phishing Attacks
Cybercriminals are increasingly exploiting vulnerabilities in government websites to carry out phishing campaigns, leveraging the inherent trust users place in official domains. A recent report…