Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Unravelling Retirement Banking Scams and How To Protect Yourself

By Uzair Amir In the labyrinth of financial scams, one of the most insidious is the retirement banking scam. Imagine a… This is a post from HackRead.com Read the original post: Unravelling Retirement Banking Scams and How To Protect Yourself

HackRead
Open in Source
#vulnerability#web#ios#mac#git#auth#ssl
Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.” “A cloud

GHSA-32r3-57hp-cgfw: EverShop at risk to unauthorized access via weak HMAC secret

An issue was discovered in NPM's package @evershop/evershop before version 1.0.0-rc.9. The HMAC secret used for generating tokens is hardcoded as "secret". A weak HMAC secret poses a risk because attackers can use the predictable secret to create valid JSON Web Tokens (JWTs), allowing them access to important information and actions within the application.

FCC wants cars to make life harder for stalkers

The FCC wants car makers and wireless providers to make it harder for stalkers to use your car against you.

Joomla! vulnerability is being actively exploited

A vulnerability in the popular Joomla! CMS has been added to CISA's known exploited vulnerabilities catalog.

Gentoo Linux Security Advisory 202401-16

Gentoo Linux Security Advisory 202401-16 - Multiple vulnerabilities have been discovered in FreeRDP, the worst of which could result in code execution. Versions greater than or equal to 2.11.0 are affected.

Gentoo Linux Security Advisory 202401-15

Gentoo Linux Security Advisory 202401-15 - A vulnerability has been found in Prometheus SNMP Exporter which could allow for authentication bypass. Versions greater than or equal to 0.24.1 are affected.

Quick TFTP Server Pro 2.1 Denial Of Service

Quick TFTP Server Pro version 2.1 remote denial of service exploit.

Copyright Loan Management System 2024 1.0 SQL Injection

Copyright Loan Management System 2024 version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass.