QNAP has addressed a critical vulnerability allowing attackers to log into QNAP NAS (network-attached storage) devices using hardcoded credentials. The hard-coded credentials vulnerability tracked as CVE-2021-28799
Read more
DWN : A Docker Pwn Tool Manager
DWN is a “docker-compose for hackers”. Using a simple YAML “plan” format similar to docker-compose, image names, versions and volume / port mappings are defined
Read more
‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market
Vulnerability disclosure platform driven by ‘transparency and fairness’, with over 500,000 bugs fixed since 2014 Open Bug Bounty has around 1,300 active bug bounty programs
Read more
Ransomware attacks on shipping, logistics organizations rising as coronavirus vaccine supply chain targeted
Emma Woollacott 22 April 2021 at 13:01 UTC Updated: 22 April 2021 at 15:06 UTC No honor among thieves As the Covid-19 pandemic places increasing
Read more
Cost of Account Unlocks, and Password Resets Add Up
There are many labor-intensive tasks that the IT service desk carries out on a daily basis. None as tedious and costly as resetting passwords. Modern
Read more
Kubesploit – A Cross-Platform Post-Exploitation HTTP/2 Command And Control Server And Agent Written In Golang
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin
Read more
Cybercriminals Using Telegram Messenger to Control ToxicEye Malware
Adversaries are increasingly abusing Telegram as a “command-and-control” system to distribute malware into organizations that could then be used to capture sensitive information from targeted
Read more
Attackers can hide ‘external sender’ email warnings with HTML and CSS
The “external sender” warnings shown to email recipients by clients like Microsoft Outlook can be hidden by the sender, as demonstrated by a researcher. Turns out, all
Read more
Valve belatedly fixes Steam gaming platform RCE vulnerability
One flaw fixed after criticisms about delays, but second longstanding security bug remains unaddressed Games publisher Valve has belatedly resolved a critical security flaw in
Read more
DoJ Launches Ransomware Taskforce as Apple Hit by Extortion Attempt
The US Department of Justice has reportedly launched a new ransomware task force, after an infamous threat group claimed to have stolen Apple trade secrets
Read more
Security Biz Launches RDP Breach Notification Site
A threat prevention firm is claiming to have access to 1.3 million breached RDP servers and their credentials, which were put up for sale on
Read moreADS goes here!
If you don't see it, then please turn OFFAD blocker for this website.
Our ads are not aggressive and help us
pay for the server and coffee.
THANK YOU for your support!