Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

GYM Management System 1.0 Insecure Settings

GYM Management System version 1.0 suffers from an ignored default credential vulnerability.

Packet Storm
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#java#php#perl#auth#ruby#firefox
From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook

Imagine this... You arrive at work to a chaotic scene. Systems are down, panic is in the air. The culprit? Not a rogue virus, but a compromised identity. The attacker is inside your walls, masquerading as a trusted user. This isn't a horror movie, it's the new reality of cybercrime. The question is, are you prepared? Traditional incident response plans are like old maps in a new world. They

New Android Malware Ajina.Banker Steals 2FA Codes, Spreads via Telegram

A new Android malware called Trojan Ajina.Banker is targeting Central Asia – Discover how this malicious malware disguises…

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft

Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR, 2024). Solving this problem resolves over 80% of your corporate risk, and a solution is possible.  However, most tools available on the market today cannot offer a complete defense against this attack vector because they were architected to

Microsoft VS Code Undermined in Asian Spy Attack

A technique to abuse Microsoft's built-in source code editor has finally made it into the wild, thanks to China's Mustang Panda APT.

Fortinet Confirms Limited Data Breach After Hacker Leaks 440 GB of Data

A hacker claims to have stolen 440 GB of data from cybersecurity firm Fortinet, exploiting an Azure SharePoint…

Hackers Proxyjack & Cryptomine Selenium Grid Servers

A vendor honeypot caught two attacks intended to leverage the tens of thousands of exposed Selenium Grid Web app testing servers.

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is expected to come into effect starting October 1, 2024. "Accounts with commit access can push updates and changes to plugins and themes used by millions of WordPress sites worldwide," the