Hack The Pentagon Turns One on HackerOne
Great news for U.S. citizens! Over 3,000 valid security vulnerabilities have been resolved with the U.S. Department of Defense’s “Hack the Pentagon” hacker-powered security program.…
Author: Cybernoz
Hackers target 1.5M WordPress sites with cookie consent plugin exploit
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie Consent Banner with more than…
How Must IT Leaders Develop Contingency Plans to Combat Geopolitical and Environmental Risks?
By Mohit Shrivastava, ICT Chief Analyst at Future Market Insights In today’s geostrategic context, geopolitics and technology are inextricably linked, but many IT professionals who…
How the Increasing IT Talent Gap is Impacting the Cybersecurity Industry
By Pete Sorensen, VP of Strategic Initiatives of ConnectWise In the rapidly evolving digital landscape, technology solution providers (TSPs) are having to deal with an…
Hack your way to NYC this December for h1-212
Want to win an all expenses paid trip to New York City to hack against HackerOne 1337 and a chance to earn up to $100,000…
Windows 10 KB5026435 update released with 2 new features, 18 fixes
Microsoft has released the optional KB5026435 Preview cumulative update for Windows 10 22H2 with two new features and 18 additional fixes or changes. This release…
H1-212 CTF results | HackerOne
Hello hackers! Thanks to all of you who participated in our first ever h1-212 CTF! We had a lot of fun building it and it…
Chinese hackers breach US critical infrastructure in stealthy attacks
Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at…
Apria Healthcare Discloses Major Data Breach Impacting 1.8M Users
Apria Healthcare LLC, the victim of the data breach, serves more than 2 million patients annually, offering a wide range of medical equipment for conditions…
New PowerExchange malware backdoors Microsoft Exchange servers
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. After infiltrating the…
The Voices of Vulnerability Disclosure: Look Who’s Talking About VDPs
The attention being given to vulnerability disclosure policies (VDP) in the past year has increased dramatically. It might be the latest high-profile breach that sparks…
GitLab ‘strongly recommends’ patching max severity flaw ASAP
GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal flaw tracked as CVE-2023-2825. GitLab…