Paramount discloses data breach following security incident
American entertainment giant Paramount Global disclosed a data breach after its systems got hacked and attackers gained access to personally...
Year: 2023
OpenAI Promises Enterprise-Grade Security with ChatGPT for Business
The creators of ChatGPT, OpenAI, have launched ChatGPT Enterprise which it claims to be the “most powerful version of ChatGPT...
NCSC Issues Cyber Warning Over AI Chatbots
Organizations have been warned about the cyber risks of large language models (LLMs), including OpenAI’s ChatGPT, by the UK’s National...
FBI-Led Operation Duck Hunt Shuts Down QakBot Malware
The FBI has led a multinational law enforcement operation that has successfully dismantled QakBot, a leading malware loader used by...
Chinese Hackers Target US, Other Govts With Barracuda Flaw
Cybersecurity firm Mandiant has unveiled the details of a sophisticated global espionage campaign allegedly orchestrated by a Chinese-nexus threat group...
Flaw Exposes WP Migration Plugin to Hacks
A new security flaw has been discovered in the widely used All-in-One WP Migration Extensions plugin, potentially leaving millions of...
Chinese APT Group GREF Use BadBazaar in Android Espionage
ESET researchers have exposed a sophisticated espionage tool named BadBazaar, which targets Android users through malicious versions of popular communication...
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by...
CISA: CISA Releases IOCs Associated with Malicious Barracuda Activity
CISA Releases IOCs Associated with Malicious Barracuda Activity CISA has released additional indicators of compromise (IOCs) associated with exploitation of...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on August 24, 2023. These...
CISA: CISA’s VDP Platform 2022 Annual Report Showcases Success
CISA’s VDP Platform 2022 Annual Report Showcases Success Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its inaugural Vulnerability Disclosure...
CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities for Firefox 117,...
CISA: CISA and FBI Publish Joint Advisory on QakBot Infrastructure
CISA and FBI Publish Joint Advisory on QakBot Infrastructure Today, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau...
CISA: VMware Releases Security Updates for Aria Operations for Networks
VMware Releases Security Updates for Aria Operations for Networks VMware has released security updates to address multiple vulnerabilities in Aria...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on August 29, 2023. This...
CISA: Juniper Networks Releases Security Advisory for Junos OS and Junos OS Evolved
Juniper Networks Releases Security Advisory for Junos OS and Junos OS Evolved Juniper Networks has released a security advisory to...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Noir – An Attack Surface Detector Form Source Code
Noir is an attack surface detector form source code. Key Features Automatically identify language and framework from source code. Find...
HackerOne Bug Bounty Disclosure: b-missing-brute-force-protection-on-login-page-on-www-acronis-com-b-cevans
Company Name: b'Acronis' Company HackerOne URL: https://hackerone.com/acronis Submitted By:b'cevans_0'Link to Submitters Profile:https://hackerone.com/b'cevans_0' Report Title:b'Missing brute force protection on login page...
HackerOne Bug Bounty Disclosure: b-html-injection-b-ped-baq
Company Name: b'Mars' Company HackerOne URL: https://hackerone.com/mars Submitted By:b'ped_baq'Link to Submitters Profile:https://hackerone.com/b'ped_baq' Report Title:b'Html injection'Report Link:https://hackerone.com/reports/2061049Date Submitted:30 August 2023 A...
HackerOne Bug Bounty Disclosure: b-stored-xss-csrf-in-apellido-value-b-never-die
Company Name: b'Mars' Company HackerOne URL: https://hackerone.com/mars Submitted By:b'never_die'Link to Submitters Profile:https://hackerone.com/b'never_die' Report Title:b'Stored XSS + CSRF in "apellido" value'Report...
HackerOne Bug Bounty Disclosure: b-google-dork-lead-to-unsubscribe-anyone-from-all-banfield-emails-b-ractiurd
Company Name: b'Mars' Company HackerOne URL: https://hackerone.com/mars Submitted By:b'ractiurd'Link to Submitters Profile:https://hackerone.com/b'ractiurd' Report Title:b'Google dork lead to unsubscribe anyone from...
