Cyber Security Newsfeeds from around the world
A vulnerability classified as critical was found in Palo Alto PAN-OS up to 8.1.9/9.0.3 (Firewall Software). This vulnerability affects an unknown part of the component
Session Handler . The manipulation with an unknown input leads to a memory corrupti…
Continue ReadingPowerDNS: denial of service via MASTER Zone Records Synthesis of the vulnerability An attacker can trigger a fatal error via MASTER Zone Records of PowerDNS, in order to trigger a denial of service. Impacted products:
Severity of this bulletin: 2/4. C…
Continue ReadingWhat is an Indicator of Attack (IOA) IoA’s is some events that could reveal an active attack before indicators of compromise become visible. Use of IoA’s provides a way to shift from reactive cleanup/recovery to a proactive mode, where attackers are di…
Continue ReadingThe broad movement of ‘connected devices’ represents a growing cybersecurity threat that puts patient data, medical information, and potentially patient well-being at risk.
Healthcare can’t wait for device makers to prioritize security.
Internet-conn…
Continue ReadingThis cheatsheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples. It is not a cheatsheet for Enumeration using Linux Commands. Privilege escalation is all about proper enumeration….
Continue Readingresearchers has revealed a new method to break Bluetooth’s encryption key negotiation protocol; the attack, dubbed ‘Key Negotiation of Bluetooth’ (KNOB) is possible on any device that supports the
protocol and has required an early response from Googl…
Continue ReadingAccording to iDownloadBlog.com (iDB), “in an unforeseen turn of events, hacker Pwn20wnd released v3.5.0 of the unc0ver jailbreak tool to the general public Sunday morning with official support for iOS 12.4, the latest available firmware release from Ap…
Continue ReadingResearchers are warning of an ongoing campaign exploiting vulnerabilities in a slew of WordPress plugins. The campaign is redirecting traffic from victims’ websites to a number of potentially harmful locations. Impacted by the campaign is a plugin call…
Continue ReadingDelaware, USA – August 23, 2019 – DarkHotel group (aka APT-C-06) modified Asruex backdoor, adding the capability of infecting PDFs, Word documents, and executables to spread infection within a targeted organization. The group is known for its stealth a…
Continue ReadingSoftware updates released by Kubernetes this week address HTTP/2 implementation vulnerabilities that were disclosed earlier this month.
HTTP/2 is the second major revision of the HTTP Internet protocol, meant to improve performance and stability. Ear…
Continue Reading