Passport-SAML auth bypass triggers fix of critical, upstream XMLDOM bug
Adam Bannister 08 November 2022 at 16:33 UTC Updated: 25 November 2022 at 10:37 UTC Rapid remedy follows reawakening of...
Read more →Author: Cybernoz
Russia’s Cyberwar Foreshadowed Deadly Attacks on Civilians
But for anyone involved in fending off Russia’s cyberattacks on Ukraine over the past eight years, Russia’s preference for civilian...
Read more →
BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies
Dec 28, 2022Ravie LakshmananBlockchain / Android Malware Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat...
Read more →
CSS injection flaw patched in Acronis cloud management console
CSRF attacks could be triggered to access and exfiltrate information A security researcher has disclosed a CSS injection flaw in...
Read more →
Google Pixel screen-lock hack earns researcher $70k
John Leyden 10 November 2022 at 16:14 UTC Updated: 11 November 2022 at 11:23 UTC Android security pwned by PUK...
Read more →
APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector
Dec 28, 2022Ravie LakshmananMalware / Windows Security Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for...
Read more →
CSRF in Plesk API enabled server takeover
Ben Dickson 11 November 2022 at 11:31 UTC Updated: 11 November 2022 at 16:51 UTC Bugs in programming interfaces of...
Read more →
Google wants its Gmail users to take these security steps in 2023
Google, the much-used search engine across the world, has disclosed some security steps to its Gmail users to stay cyber...
Read more →
Prototype pollution project yields another Parse Server RCE
Adam Bannister 11 November 2022 at 15:37 UTC Updated: 02 December 2022 at 11:49 UTC Bug emerges from ambition to...
Read more →
Black Basta Ransomware hits two electric utilities in America
Black Basta Ransomware Group has reportedly hit two electric utilities in North America in October this year and the attack...
Read more →
Linux Kernel Use-After-Free RCE Vulnerability
An emergency security patch was released by Linux recently to fix a kernel-level security critical severity vulnerability. This vulnerability has...
Read more →
All Day DevOps: Third of Log4j downloads still pull vulnerable version despite threat of supply chain attacks
Adam Bannister 14 November 2022 at 16:16 UTC Updated: 24 November 2022 at 12:50 UTC AppSec engineer keynote says Log4j...
Read more →