Hackers hijack legitimate sites to host credit card stealer scripts
A new Magecart credit card stealing campaign hijacks legitimate sites to act as “makeshift” command and control (C2) servers to...
Read more →News Archive
View All →
CISA orders govt agencies to patch MOVEit bug used for data theft
CISA has added an actively exploited security bug in the Progress MOVEit Transfer managed file transfer (MFT) solution to its...
Read more →
Web Server Penetration Testing Checklist
Web server pentesting is performed under 3 significant categories: Identity, Analyse, and Report Vulnerabilities such as authentication weakness, configuration errors, and protocol...
Read more →
Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MOVEit Transfer zero-day attacks: The...
Read more →
What is PCI Penetration Testing?
Organizations dealing with card payment data must comply with the Payment Card Industry Data Security Standard (PCI DSS) to protect...
Read more →
Zyxel shares tips on protecting firewalls from ongoing attacks
Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs...
Read more →
Online sellers targeted by new information-stealing malware campaign
Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials...
Read more →
Hacking Apple macOS devices exploiting the Migration Assistant
A vulnerability that was only recently found and given the name “Migraine” is connected to macOS migration functionality and represents...
Read more →
AI Is Being Used to ‘Turbocharge’ Scams
Code hidden inside PC motherboards left millions of machines vulnerable to malicious updates, researchers revealed this week. Staff at security firm...
Read more →
Google Drive Security Flaw Let Hackers Exfiltrate Data
Google Drive is one of the most used cloud-based storage platforms, and due to its immense popularity and capabilities, it’s...
Read more →
How AI Protects (and Attacks) Your Inbox
When Aparna Pappu, vice president and general manager of Google Workspace, spoke at Google I/O on May 10, she laid...
Read more →
Splunk Flaw Let Attackers Escalate Privilege
Splunk is one of the most used SIEM (Security Incident and Event Management) tools worldwide. Splunk can collect logs of...
Read more →