N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection
The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching"...
Year: 2023
Transform Your Data Security Posture – Learn from SoFi’s DSPM Success
As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl...
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be...
Hackers Can Exploit ‘Forced Authentication’ to Steal Windows NTLM Tokens
Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN...
Stop Identity Attacks: Discover the Key to Early Threat Detection
Identity and Access Management (IAM) systems are a staple to ensure only authorized individuals or entities have access to specific...
How Hackers Phish for Your Users’ Credentials and Sell Them
Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
HackerOne Bug Bounty Disclosure: b-content-spoofing-on-b-nonamehiiden
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'nonamehiiden'Link to Submitters Profile:https://hackerone.com/b'nonamehiiden' Report Title:b'Content spoofing on'Report Link:https://hackerone.com/reports/273819Date Submitted:28 November 2023...
HackerOne Bug Bounty Disclosure: b-report-regarding-security-vulnerability-b-srkfan
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'srkfan'Link to Submitters Profile:https://hackerone.com/b'srkfan' Report Title:b'Report Regarding Security Vulnerability'Report Link:https://hackerone.com/reports/269243Date Submitted:28 November...
HackerOne Bug Bounty Disclosure: b-solving-tor-vulnerability-in-other-to-make-bruteforce-difficult-b-joelisto
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'joelisto'Link to Submitters Profile:https://hackerone.com/b'joelisto' Report Title:b'solving TOR vulnerability, in other to make...
HackerOne Bug Bounty Disclosure: b-https-get-ooni-torproject-org-b-ba-fe-ca-d-f-a
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'ba4fe4ca95021d367f8a574'Link to Submitters Profile:https://hackerone.com/b'ba4fe4ca95021d367f8a574' Report Title:b'https://get.ooni.torproject.org/'Report Link:https://hackerone.com/reports/274285Date Submitted:28 November 2023 A considerable...
HackerOne Bug Bounty Disclosure: b-tor-project-full-path-disclosure-b-yox
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'yox'Link to Submitters Profile:https://hackerone.com/b'yox' Report Title:b'Tor Project - Full Path Disclosure'Report Link:https://hackerone.com/reports/269426Date...
HackerOne Bug Bounty Disclosure: b-multiple-path-transversal-vulnerabilites-b-myselfphoton
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'myselfphoton'Link to Submitters Profile:https://hackerone.com/b'myselfphoton' Report Title:b'Multiple Path Transversal Vulnerabilites'Report Link:https://hackerone.com/reports/273377Date Submitted:28 November...
HackerOne Bug Bounty Disclosure: b-rt-torproject-org-no-rate-limitting-on-login-form-b-xspade
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'0xspade'Link to Submitters Profile:https://hackerone.com/b'0xspade' Report Title:b' No Rate Limitting on Login Form'Report...
HackerOne Bug Bounty Disclosure: b-zip-bomb-b-zerx
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'zerx'Link to Submitters Profile:https://hackerone.com/b'zerx' Report Title:b'Zip bomb'Report Link:https://hackerone.com/reports/263663Date Submitted:28 November 2023 A...
HackerOne Bug Bounty Disclosure: b-potential-ip-revealing-using-unc-path-in-windows-file-picker-b-newfunction
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'newfunction'Link to Submitters Profile:https://hackerone.com/b'newfunction' Report Title:b'Potential IP revealing using UNC Path in...
HackerOne Bug Bounty Disclosure: b-sql-injection-in-parameter-report-b-wiloos
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'wiloos'Link to Submitters Profile:https://hackerone.com/b'wiloos' Report Title:b'SQL Injection in parameter REPORT'Report Link:https://hackerone.com/reports/269347Date Submitted:28...
HackerOne Bug Bounty Disclosure: b-use-of-unitialized-value-in-crypto-pk-num-bits-src-common-crypto-c-b-geeknik
Company Name: b'Tor' Company HackerOne URL: https://hackerone.com/torproject Submitted By:b'geeknik'Link to Submitters Profile:https://hackerone.com/b'geeknik' Report Title:b'Use of unitialized value in crypto_pk_num_bits (src/common/crypto.c:971)'Report...
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
CISA: CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector
CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector Today, CISA released the Mitigation Guide: Healthcare and Public...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on November 21, 2023. These...
CISA: CISA Requests Comment on Draft Secure Software Development Attestation Form
CISA Requests Comment on Draft Secure Software Development Attestation Form CISA has opened a 30-day Federal Register notice to receive...
CISA: Citrix Releases Security Updates for Citrix Hypervisor
Citrix Releases Security Updates for Citrix Hypervisor Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR....
CISA: CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development
CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development Today, in a landmark collaboration, the U.S. Cybersecurity...
