Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

PHProjekt PhpSimplyGest / MyProjects 1.3.0 Cross Site Scripting

PHProjekt PhpSimplyGest and MyProjects version 1.3.0 suffer from a cross site scripting vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#web#microsoft#git#java#php#auth#firefox
Multichannel Phishing Concerns Cybersecurity Leaders in 2022

With 80% of companies using cloud collaboration tools, cybercriminals are using multichannel phishing attacks to exploit security gaps in the hybrid work model.

1,000+ Attacks in 2 Years: How the SideWinder APT Sheds Its Skin

Researcher to reveal fresh details at Black Hat Asia on a tenacious cyber-espionage group attacking specific military, law enforcement, aviation, and other entities in Central and South Asia.

Google to Add Passwordless Authentication Support to Android and Chrome

Google today announced plans to implement support for passwordless logins in Android and the Chrome web browser to allow users to sign in across different devices and websites irrespective of the platform. "This will simplify sign-ins across devices, websites, and applications no matter the platform - without the need for a single password," Google said. <!--adsense--> Apple and Microsoft are

Cloudflare Successfully Thwarted One of The Largest DDoS Attacks

By Waqas Cloudflare explained that it wasn’t the largest application-layer attack but the largest ever noted in the HTTPS category.… This is a post from HackRead.com Read the original post: Cloudflare Successfully Thwarted One of The Largest DDoS Attacks

Mustang Panda deploys a new wave of malware targeting Europe

By Jung soo An, Asheer Malhotra and Justin Thattil, with contributions from Aliza Berk and Kendall McKay. In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine, Cisco Talos began observing the China-based threat actor Mustang Panda conducting phishing campaigns... [[ This is only the beginning! Please visit the blog for the complete entry ]]

F5 Warns of a New Critical BIG-IP Remote Code Execution Vulnerability

Cloud security and application delivery network (ADN) provider F5 on Wednesday released patches to contain 43 bugs spanning its products. Of the 43 issues addressed, one is rated Critical, 17 are rated High, 24 are rated Medium, and one is rated low in severity. Chief among the flaws is CVE-2022-1388, which carries a CVSS score of 9.8 out of a maximum of 10 and stems from a lack of

GitHub to Developers: Turn on 2FA or Lose Access

All active GitHub users who contribute code will be required to enable at least one form of two-factor authentication by the end of 2023.

China-Backed Winnti APT Siphons Reams of US Trade Secrets in Sprawling Cyber-Espionage Attack

Operation CuckooBees uncovered the state-sponsored group's sophisticated new tactics in a years-long campaign that hit more than 30 tech and manufacturing companies.