IT admins Set Admin Portal Passwords to ‘admin’
IT admins can be considered culpable for weak password use if they fail to enforce strong password policies or neglect proper security measures. Their responsibility…
Category: CyberSecurityNews
Titan File Transfer Server Flaws
Multiple vulnerabilities have been discovered in Titan MFT and Titan SFTP servers owned by South River Technologies, which were associated with Information Disclosure, Session Fixation,…
CISA, FBI Warns of Critical Atlassian Zero-Day Flaw Under Active Attack
A serious security flaw in some versions of Atlassian Confluence Data Center and Server has been exploited by hackers. They have used this flaw to…
Threat Actors Exploiting Cisco IOS XE Zero-day Vulnerability
Threat actors exploit zero-day vulnerabilities because these flaws are unknown to the software developers, making them highly effective for launching attacks. Exploiting zero-days allows malicious…
ChatGPT for Vulnerability Detection – Prompts Used & Responses
Software vulnerabilities are essentially errors in code that malicious actors can exploit. Advanced language models such as CodeBERT, GraphCodeBERT, and CodeT5 can detect these vulnerabilities,…
A Novel Technique to Hide Malicious Code
Threat actors have employed a new technique to distribute malicious code named “EtherHiding,” which abuses Binance’s Smart Chain (BSC) contracts to host parts of a…
IBM QRadar SIEM XSS Flaw Let Attackers Execute Java code
Two medium-severity vulnerabilities have been discovered in the widely used IBM QRadar SIEM, associated with Cross-Site Scripting (XSS) and Information disclosure. The vulnerabilities have been…
CISA to Flag Vulnerabilities & Misconfigurations Exploited
Ransomware attacks have grown to be a serious concern for businesses of all sizes, with the potential to seriously harm the operations, finances, and reputation of…
Hackers Abusing Skype and Teams to Deliver the DarkGate Malware
Hackers utilized the Teams and Skype messaging platforms to spread the DarkGate malware to the targeted businesses. When DarkGate malware is installed, a Visual Basic…
OWASP ZAP 2.14.0 Released – What’s New!
OWASP ZAP is a free and open-source web application security scanner. It is designed to be utilized by expert penetration testers as well as individuals…
Telegram, AWS, & Alibaba Users Targeted in supply chain attack
A new supply-chain attack, which was active throughout September 2023, has been discovered in which threat actors used Typosquatting and Startjacking techniques to lure developers…
Microsoft’s AI Bug Bounty Program that Rewards Up to $15,000
Microsoft created a new AI Bug Bounty program, which rewards people who help improve the AI Power Bing experience. The rewards range from $2,000 to…