387+ New Security Flaws Patched
Oracle consistently receives reports of attempted malicious exploits, with some attackers succeeding due to customers neglecting available security patches. The company urges customers to stay…
Category: CyberSecurityNews
Sophos Firewall Password Disclosure Vulnerability: Patch Now!
Sophos, a well-known cybersecurity solutions provider, has promptly resolved a significant security vulnerability discovered in their Firewall system. The flaw, reported by IT für Caritas…
Hackers Use Fake Browser Updates Install Malware on Computer
Malware distribution on users’ computers is achieved through phony browser updates presented on websites that hackers have hijacked. When a user visits a hacked website,…
Hackers Steal Source Code and Information
D-Link Corporation, a multinational company that provides innovative networking solutions for both consumer and business markets around the world, has been accused of suffering a…
IT admins Set Admin Portal Passwords to ‘admin’
IT admins can be considered culpable for weak password use if they fail to enforce strong password policies or neglect proper security measures. Their responsibility…
Titan File Transfer Server Flaws
Multiple vulnerabilities have been discovered in Titan MFT and Titan SFTP servers owned by South River Technologies, which were associated with Information Disclosure, Session Fixation,…
CISA, FBI Warns of Critical Atlassian Zero-Day Flaw Under Active Attack
A serious security flaw in some versions of Atlassian Confluence Data Center and Server has been exploited by hackers. They have used this flaw to…
Threat Actors Exploiting Cisco IOS XE Zero-day Vulnerability
Threat actors exploit zero-day vulnerabilities because these flaws are unknown to the software developers, making them highly effective for launching attacks. Exploiting zero-days allows malicious…
ChatGPT for Vulnerability Detection – Prompts Used & Responses
Software vulnerabilities are essentially errors in code that malicious actors can exploit. Advanced language models such as CodeBERT, GraphCodeBERT, and CodeT5 can detect these vulnerabilities,…
A Novel Technique to Hide Malicious Code
Threat actors have employed a new technique to distribute malicious code named “EtherHiding,” which abuses Binance’s Smart Chain (BSC) contracts to host parts of a…
IBM QRadar SIEM XSS Flaw Let Attackers Execute Java code
Two medium-severity vulnerabilities have been discovered in the widely used IBM QRadar SIEM, associated with Cross-Site Scripting (XSS) and Information disclosure. The vulnerabilities have been…
CISA to Flag Vulnerabilities & Misconfigurations Exploited
Ransomware attacks have grown to be a serious concern for businesses of all sizes, with the potential to seriously harm the operations, finances, and reputation of…