Tag
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers. Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own
The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the name Earth Preta, said it observed "the propagation of PUBLOAD via a variant of the worm HIUPAN."
Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO) rank manipulation.
PPDB version 2.4-update 6118-1 suffers from a remote blind SQL injection vulnerability.
POMS version 1.0 suffers from an ignored default credential vulnerability.
Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.
PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.
Park Ticketing Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.
Online Tours and Travels Management System version 1.0 suffers from an ignored default credential vulnerability.