Hot Topics

vulnerability

Critical SSH Vulnerability! PLUS: Facial Recognition Flaws & How to Dispose Old Devices Safely

Critical SSH Vulnerability, Facial Recognition Flaws, How to Safely Dispose of Old Devices

| | arrest, Cyber Security, Cybersecurity, data, Data Privacy, Delete My Data, Detroit, Detroit Police, Digital Forensics, Digital Privacy, Episodes, Exploit, facial recognition, hard drive, HDD, Information Security, Infosec, Old Computer, Old PC, openssh, personal data, Podcast, Podcasts, Privacy, Qualys, RegreSSHion, Secure Wipe, security, SSH, technology, vulnerability, Weekly Edition, zero-day
In episode 337, we cover “broken” news about the new SSH vulnerability ‘regreSSHion‘ highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications. We then discuss the Detroit Police ...
Shared Security Podcast
SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment

SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment

| | Blog, Cybersecurity, Penetration Testing, Threat & Attack Simulation, vulnerability, Vulnerability Management & Penetration Testing
TL;DR: Compromise of an SCCM administrator account can easily lead to compromise of every machine managed by SCCM. As this […] ...
The Guiding Point | GuidePoint Security
LockBit ransomware Federal Reserve

Ransomware Group Jumps on PHP Vulnerability

| | php, Ransomware, vulnerability
A long-running ransomware campaign that has been targeting Windows and Linux systems since 2019 is the latest example of how closely threat groups track public disclosures of vulnerabilities and proofs-of-concept (PoCs) and ...
Security Boulevard

MS Exchange Server Flaw: Keylogger Deployment Revealed

| | Africa Cybersecurity, Cybersecurity, Cybersecurity News, Data Privacy, Email Server Security, Endpoint Protection, Incident Response, keylogger, Middle East Cybersecurity, MS Exchange Server, Network Security, patch management, Positive Technologies, ProxyShell, Threat Intelligence, vulnerability
In a recent revelation, an unidentified malicious actor has been exploiting vulnerabilities in Microsoft Exchange Server to infiltrate systems with a keylogger malware, targeting various entities across Africa and the Middle East ...
TuxCare
A phone with brand impersonation scam calls on the screen

Risk vs. Threat vs. Vulnerability: What is the difference?

| | CISO Suite, Cyber Lingo, Cyber Security Risks, Definitions, Home, risk, risks, Seed n soil posts, threats, vulnerability
The post Risk vs. Threat vs. Vulnerability: What is the difference? appeared first on Click Armor ...
Click Armor
Contrast Security discovers Netflix OSS Genie application path traversal vulnerability that can lead to RCE during file upload

Contrast Security discovers Netflix OSS Genie application path traversal vulnerability that can lead to RCE during file upload

| | Contrast Assess, Contrast Protect, Directory Traversal, Genie, netflix, path traversal, vulnerability
Genie is a federated big data orchestration and execution engine developed and open sourced by Netflix.  ...
AppSec Observer
close-up photo of a laptop

VFCFinder Highlights Security Patches in Open Source Software

| | north Carolina state university, open source, security patches, software dependencies, vfc, vfcfinder, vulnerability, Vulnerability Fixing Commits
VFCFinder analyzes commit histories to pinpoint the most likely commits associated with vulnerability fixes ...
Security Boulevard

The Persistent Threat of Path Traversal Vulnerabilities in Software Development

| | advice, application protection, Best Practices, Cybersecurity, lateral movement, microsegmentation, next gen security, security, Security Research, vulnerability, zero trust
Path traversal vulnerabilities, or directory traversal, are now subject to a government advisory for obligatory consideration We live in an environment where digital infrastructure is increasingly fundamental to business operations across all ...
TrueFort

CVE-2024-27322 Vulnerability Found in R Programming Language

| | advice, Best Practices, Cybersecurity, next gen security, security, Uncategorized, vulnerability
A critical vulnerability (CVE-2024-27322) in R programming language exposes systems to arbitrary code execution : OFFICIAL CVE-2024-27322 PATCHING INFORMATION : A recent discovery has unearthed CVE-2024-27322, a significant vulnerability within the R ...
TrueFort

Preparing for Holiday Cyberattacks

| | advice, application protection, Best Practices, Cybersecurity, next gen security, Phishing, security, Security Research, vulnerability, zero-day
How can security teams be ready for holiday cyberattacks and a seasonal peak in cybercrime? Holiday cyberattacks are on the rise. The vacation season, be it Christmas, Hanukkah, Easter, St. Patrick’s Day, ...
TrueFort
Load more