The importance of computer identity in network communications: how to protect it and prevent its theft
The importance of computer identity in network communications: how to protect it and prevent threat actors from spying or stealing...
Month: December 2020
Apache Software Foundation fixes code execution flaw in Apache Struts 2
The Apache Software Foundation addressed a possible remote code execution vulnerability in Struts 2 related to the OGNL technology. The...
Top cybersecurity firm FireEye hacked by a nation-state actor
The cyber security giant FireEye announced that it was hacked by nation-state actors, likely Russian state-sponsored hackers. The cybersecurity firm...
OpenSSL is affected by a ‘High Severity’ security flaw, update it now
The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL...
Huawei HedEx Lite (DM) – Path Traversal Web Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== Huawei HedEx Lite (DM) - Path Traversal Web Vulnerability References (Source):...
VestaCP v0.9.8-26 – (LoginAs) Token Session Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== VestaCP v0.9.8-26 - (LoginAs) Token Session Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2240 Release...
VestaCP v0.9.8-26 – Insufficient Session Validation Web Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== VestaCP v0.9.8-26 - Insufficient Session Validation Web Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2238...
VestaCP v0.9.8-26 – (period) Cross Site Scripting Web Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== VestaCP v0.9.8-26 - (period) Cross Site Scripting Web Vulnerability References (Source):...
Get a head start on defending against tax scams
It may not be tax season in your part of the world right now but you’ll no doubt be pleased...
Kaspersky announced the creation of the new smartphones with protection from hackers
A smartphone with a secure Kaspersky will have minimal functionality, said the head of Kaspersky Lab, Eugene Kaspersky. According to...
US Cybersecurity Company FireEye Hacked by ‘Nation-Backed’ Threat Actors
On Tuesday, one of the leading cybersecurity firms, FireEye said that it has been attacked by "highly sophisticated" state-sponsored hackers...
NSA Issued Warning Against Russian State-Sponsored Attackers for Exploiting VMware Access
An advisory warning has been issued by the United States National Security Agency (NSA) on 7th December that Russian malicious...
Putin announced a digital transformation in Russia
In the next decade, Russia will face digital transformation and the widespread introduction of artificial intelligence and big data analysis,...
UAE Faces Cyber Pandemic, Cyberattacks In The Middle East On The Rise
The Middle East is suffering a "cyber pandemic" crisis due to coronavirus-themed cyberattacks on the rise this year, says Mohamed...
Packer-Fuzzer – A Fast And Efficient Scanner For Security Detection Of Websites Constructed By Javascript Module Bundler Such As Webpack
With the popularity of web front-end packaging tools, have you encountered more and more websites represented by Webpack packager in...
Wp_Hunter – Static Analysis Of WordPress Plugins
Static analysis to search for vulnerabilities in Wordpress plugins. __ ____________ ___ ___ __ / / ______ / | __...
Patch Tuesday – December 2020
We close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than...
2020 Under the Hoodie Report Reveals Pen Testers’ Most-Loved Vulnerabilities
Penetration testing (“pentesting”) is the practice of simulating a criminal breach of a sensitive area in order to uncover and...
Re: Disable Windows Defender and most other 3rd party antiviruses
Posted by Exibar on Dec 08Would this not be the same as uninstalling the AV application in safemode? -----Original Message-----...
Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering
Russian citizen Alexander Vinnik was sentenced in Paris to five years in prison for money laundering and ordered to pay 100,000...
Expert discloses zero-click, wormable flaw in Microsoft Teams
Security expert disclosed technical details about a wormable, cross-platform flaw in Microsoft Teams that could allow stealth attacks. Security researcher...
Critical remote code execution fixed in PlayStation Now
Security flaws in the PlayStation Now cloud gaming Windows application allowed hackers to execute arbitrary code on Windows systems. Bug bounty...
QNAP fixed eight flaws that could allow NAS devices takeover
Network-attached storage (NAS) vendor QNAP addressed vulnerabilities that could enable attackers to take over unpatched NAS devices. The Taiwanese vendor...
DoppelPaymer ransomware gang hit Foxconn electronics giant
Electronics contract manufacturer Foxconn is the last victim of the DoppelPaymer ransomware operators that hit a Mexican facility. DoppelPaymer ransomware operators...
