Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

CVE-2022-36962: SolarWinds Trust Center Security Advisories | CVE-2022-36962

SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.

CVE
Open in Source
#vulnerability#auth#zero_day
A Ride on the Wild Side with Hacking Heavyweight Sick Codes

Beverage of Choice: Krating Daeng (Thai Red Bull) Industry Influencer he Admires: Casey John Ellis What did you want to be when you grew up? A physician and nearly did Hobbies (Present & Past): Motorcycling & Australian Football Bucket List: Continuing to discover new software Fun Fact: He currently has 2,000 tabs open “People keep … A Ride on the Wild Side with Hacking Heavyweight Sick Codes Read More »

A Ride on the Wild Side with Hacking Heavyweight Sick Codes

Beverage of Choice: Krating Daeng (Thai Red Bull) Industry Influencer he Admires: Casey John Ellis What did you want to be when you grew up? A physician and nearly did Hobbies (Present & Past): Motorcycling & Australian Football Bucket List: Continuing to discover new software Fun Fact: He currently has 2,000 tabs open

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be

How Development Teams Should Respond to Text4Shell

Yet another *4Shell exploit highlights the horror of strange visitors into enterprise environments. This Tech Tip focuses on what to do next.

How Tech Companies Can Slow Down Spike in Breaches

Cybercrime continues to evolve — and shows no signs of slowing down.

A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup

A 500-page document reviewed by WIRED shows that Corellium engaged with several controversial companies, including spyware maker NSO Group.

Log4Shell – Iranian Hackers Accessed Domain Controller of US Federal Network

By Waqas The attack, according to authorities, was launched on the Federal Civilian Executive Branch (FCEB). This is a post from HackRead.com Read the original post: Log4Shell – Iranian Hackers Accessed Domain Controller of US Federal Network

Step-by-Step Security Guide for WordPress

By Waqas The most prominent CMS today is WordPress which is being used by over 455 million across the globe. This is a post from HackRead.com Read the original post: Step-by-Step Security Guide for WordPress

BitSight Enhances Its Third-Party Risk Management Platform to Help Organizations Respond to Major Vulnerabilities

Additional functionality also added to the fourth-party risk solution is providing better visibility and insights into vendor risk.