Community-driven PTaaS vs. Automated Pentesting
Modern pentesting approaches use independent security researchers working under strict NDAs and advanced software platforms to streamline the process. However, with many vendors focusing on…
Author: Cybernoz
GitHub Enterprise Server Flaw Allow Bypass Authentication
A critical vulnerability was discovered in the GitHub Enterprise Server that could allow attackers to completely bypass authentication and gain unauthorized access to repositories and…
Critical Memory Corruption In Cloud Logging Infrastructure
Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory loss flaw. Companies utilizing Fluent Bit in…
NextGen Healthcare Mirth Connect Under Attack
May 21, 2024NewsroomHealthcare / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to…
Secretforums & Breach Nation Lure Ex-BreachForums Members
Secretforums, a data leaks forum, announced that it would bestow former BreachForums members with ranks similar to what they had previously held on the seized…
PoC Exploit Released for QNAP QTS zero-day RCE Flaw
Researchers have shown a proof-of-concept (PoC) attack for a zero-day remote code execution (RCE) flaw in the QTS operating system from QNAP. Users of QNAP’s…
“Linguistic Lumberjack” Vulnerability Discovered in Popular Logging Utility Fluent Bit
May 21, 2024NewsroomCyber Attack / API Security Cybersecurity researchers have discovered a critical security flaw in a popular logging and metrics utility called Fluent Bit…
Kansas City Cyberattack Shuts Down KC Scout Camera Systems
Kansas City faced significant disruptions following a cyberattack, particularly affecting its crucial KC Scout camera system, which monitors Metro highways. The Kansas City cyberattack, occurring…
What Is a Business Logic Vulnerability? [Example]
It sounds straightforward enough, but business logic vulnerabilities can result in an array of serious security issues, such as unauthorized access, bypassing rate limits, or…
UK Researchers Find AI Chatbots Highly Susceptible to Jailbreaks
Advanced AI Safety Institute (AISI) researchers have recently discovered substantial vulnerabilities in popular AI chatbots, indicating that these systems are highly susceptible to “jailbreak” attacks.…
USA initiates $50m incentive program to thwart ransomware threats
In a groundbreaking move, the US Department of Health and Human Services (HHS) has introduced a $50 million initiative aimed at bolstering cybersecurity defenses for…
Western Sydney Uni discloses January “IT network” breach – Cloud – Security
Western Sydney University has disclosed a breach of its “IT network” from January that it has linked to an earlier incident involving its M365 environment.…