Exploiting Splunk SOAR vulnerability to hack into secure network
Splunk has found a vulnerability that enables unauthenticated log injection, which opens the door for hostile actors to execute dangerous code on the system. This…
Category: ExploitOne
US Air Force, FBI and Tennessee state agencies radio communication system compromised
According to a search warrant that was acquired by Forbes, the Pentagon is conducting an investigation into what it has described as a “critical compromise”…
Android users can now detect Bluetooth trackers, such as AirTag, without the need for an app
In the month of May, both Google and Apple made the announcement that they were going to work together to stop intrusive monitoring using AirTags…
Businesses have four days to report cyberattacks. CEOs dislike this US government decision
The United States Securities and Exchange Commission (SEC) has approved new regulations that call for publicly-traded companies to report significant breaches of cybersecurity within a…
New tool FraudGPT allows scamming and easy hacking of victims using AI
Cybercriminals have just released a new tool known as FraudGPT, which represents a significant risk to both private persons and commercial enterprises. As a result…
In 2023, the worldwide average cost of a data breach rose 15% to $4.45 million USD
According to the latest Cost of a Data Breach study from IBM, the worldwide average cost of a data breach reached $4.45 million in 2023.…
Zero day flaw ‘Zenbleed’ in AMD Zen 2 Ryzen 3000, EPYC CPUs can leak your enterprise data
The dangers posed by cybersecurity continue to advance, and processors are not exempt from this trend. CVE-2023-20593 is a severe security issue that affects AMD’s…
Citrix/NetScaler vulnerability CVE-2023-3519 can cause more damage than one can imagine
The Cybersecurity and Infrastructure Security Agency (CISA) of the United States has issued a warning that threat actors attempted to target critical infrastructure using a…
Two AMI BMC vulnerabilities allow destroying data centers around the world remotely
Researchers from the security company Eclypsium investigated the AMI firmware that was stolen in the 2021 ransomware attack. They discovered vulnerabilities that had been dormant…
Since Microsoft can’t figure out how it got hacked, it lets customers see M365 logs for free
Microsoft said on Wednesday that it will broaden logging settings for lower-tier M365 customers and prolong the time of retention for threat-hunting data in response…
Millions of WordPress ecommerce websites affected by these two vulnerabilities
Over one million different attempts have been made to get into a popular WordPress plugin over the last several days, according to experts that study…
How new CVSS 4.0 framework is a game changer for cyber security industry
The Common Vulnerability Scoring System (CVSS) framework, which is used by cybersecurity experts and manufacturers to convey data about software vulnerabilities, is undergoing significant revisions.…