PortSwigger Launches Burp AI to Enhance Penetration Testing with AI
PortSwigger, the makers of Burp Suite, has taken a giant leap forward in the field of cybersecurity with the launch of Burp AI, a groundbreaking set…
Month: April 2025
Defining a Strong Cybersecurity Ecosystem for Higher Ed
Colleges and universities are faced with cyberattacks that come in many forms, including insider threats, malware, botnets, phishing, DDoS (distributed denial of service), ransomware, APT…
Building a reasonable cyber defense program
If you do business in the United States, especially across state lines, you probably know how difficult it is to comply with U.S. state data…
Global Retailer Overshares CSRF Tokens with Facebook
Apr 01, 2025The Hacker NewsWeb Security / GDPR Compliance Are your security tokens truly secure? Explore how Reflectiz helped a giant retailer to expose a…
Study: Alternative Data Streams | Daniel Miessler
You may be interested to know about another “SECRET” that the boys in Redmond try not to advertise. It is called Alternative Data Streams, and…
Critical auth bypass bug in CrushFTP now exploited in attacks
Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security…
Chord Specialty Dental Partners Data Breach Exposes Customer Personal Data
Chord Specialty Dental Partners is under scrutiny after revealing a data breach that compromised the personal and health information of its customers. The breach, which…
Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign
Apr 01, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect…
France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency
France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency Pierluigi Paganini April 01, 2025 France fines Apple €150M for abusing…
Study: SMTP | Daniel Miessler
SMTPRFC 821 SMTP is the main protocol used for sending mail on the Internet. Understanding it to at least a moderate degree is a must.…
Kentico Xperience CMS XSS Vulnerability Allows Remote Code Execution
Kentico Xperience CMS, a widely used platform designed for enterprises and organizations, is under scrutiny after a vulnerability chain was discovered that exploits Cross-Site Scripting…
Microsoft Teams Vishing Used to Deploy Malware via TeamViewer
Ontinue’s Cyber Defense Centre (CDC) recently investigated an incident that shows how a simple vishing call can turn into a full environment compromise. The attack…