'

Over 178,000 SonicWall firewalls still vulnerable to old flaws

Over 178,000 SonicWall firewalls still vulnerable to old flaws

Security researchers found almost 150,000 SonicWall firewalls whose management interfaces are accessible from the internet and are vulnerable to an almost two-year-old critical flaw that can cause denial-of-service and potentially remote code execution. Even more firewalls are vulnerable to another instance of the same flaw in a different part of the code that was reported … Read more

London internet attack highlights confusing hacktivism movement

London internet attack highlights confusing hacktivism movement

A hacktivist group calling itself Anonymous Sudan claimed credit last week for an apparently unsuccessful attack on the London Internet Exchange, or LINX, attributing the action to Britain’s support of Israel. According to a tweet from OSINT research entity CyberKnow, LINX remained operational throughout, and the Anonymous Sudan group “provided less evidence than usual” for … Read more

Citrix Discloses Actively Exploited NetScaler ADC and Gateway Flaws

Citrix Discloses Actively Exploited NetScaler ADC and Gateway Flaws

Citrix is warning of two vulnerabilities in its NetScaler Application Delivery Controller (ADC) and Gateway appliances that are being exploited in the wild. The two flaws in Citrix’s network solution appliances include a high-severity denial-of-service bug (CVE-2023-6549) and a medium-severity remote code execution flaw (CVE-2023-6548). Citrix said it is aware of a “limited number of … Read more

Categories duo

Exploring the Latest Hacking News and Its Impact on Everyday People

Exploring the Latest Hacking News and Its Impact on Everyday People

In today’s interconnected world, cybersecurity remains a paramount concern. With the constant evolution of hacking techniques and cyber threats, staying informed about the latest hacking news is crucial for everyday people. In this blog post, we will dive into some of the recent topics in hacking news and discuss their relevance to individuals’ daily lives. … Read more

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. But … Read more

A tougher balancing act in 2024, the year of the CISO

A tougher balancing act in 2024, the year of the CISO

At the end of last year, I wrote that 2024 would go down as “the year of the CISO.” This affirmation wasn’t a CISO celebration. Rather, legal concerns, compliance requirements, board-level scrutiny, and continual job stress will make 2024 a challenging year for CISOs — so much so that some CISOs may simply declare “no … Read more

Memory Safe: Casey Ellis

Memory Safe: Casey Ellis

In the latest Decipher Memory Safe episode, Casey Ellis, founder and CTO of Bugcrowd, talks about everything from imposter syndrome to the security concept of “building it like it’s broken.” Go to Source Author:

Categories duo

SoftwareProjects exposes substantial customer and affiliate data

SoftwareProjects exposes substantial customer and affiliate data

Affiliate sales platform SoftwareProjects had nearly 200GB worth customer and affiliate data exposed publicly before being discovered and reported by cybersecurity researcher Jeremiah Fowler. The exposed database contained 257,562 records with images of credit cards, identification documents, personally identifiable information, and other potentially sensitive information. “There were thousands of documents that disclosed personally identifiable information … Read more

Salt Security Delivers another Technology Breakthrough with Industry’s only API Posture Governance Engine

Salt Security Delivers another Technology Breakthrough with Industry’s only API Posture Governance Engine

Today, API security company Salt Security has announced multiple advancements in discovery, posture management and AI-based threat protection to the industry leading Salt Security API Protection Platform. Salt leapfrogs traditional posture management by providing the industry’s first API posture governance engine delivering operationalised API governance and threat detection across organisations at scale.  This news follows … Read more

New research reveals disconnect between global university education and recruitment standards

New research reveals disconnect between global university education and recruitment standards

New research conducted in the UK and US reveals that over three-quarters (78%) of cybersecurity and IT professionals believe a traditional university education in cybersecurity is not doing enough to prepare graduates for the modern workforce. Meanwhile, nearly two-thirds (64%) of cyber industry professionals say current recruitment processes inadequately assess candidates’ practical skills. This is … Read more

Keeper Security Adds Support for Hardware Security Keys as Sole 2FA Method

Keeper Security Adds Support for Hardware Security Keys as Sole 2FA Method

Zero-trust and zero-knowledge pros, Keeper Security, have introduced support for hardware security keys as a single Two-Factor Authentication (2FA) method. Implementing user authentication with only a hardware security key enhances overall security by providing a robust physical second factor, mitigating remote attacks and reducing dependency on mobile devices. Administrators can enforce the use of a … Read more

Citrix NetScaler devices face active zero-day exploitations

Citrix NetScaler devices face active zero-day exploitations

Citrix has warned its NetScaler ADC and NetScaler Gateway customers against two critical zero-day vulnerabilities that have active exploitations in the wild. Tracked as CVE-2023-6548 and CVE-2023-6549, the vulnerabilities allow miscreants to perform remote code execution (RCE) and denial-of-service (DoS) attacks on the affected devices. “The vulnerabilities only apply to customer-managed NetScaler ADC and NetScaler … Read more