How I bypassed the registration validation and logged-in with the company email | by Khaledyassen | InfoSec Write-ups
Finding my First bug in Bug Bounty which was misconfigured google maps API key disclosure | OSINT TEAM
Earth Krahang APT breached tens of government orgs worldwide
Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices
GlobalSign PKIaaS Connector enhances ServiceNow certificate lifecycle management
BigID raises $60 million to accelerate AI data security innovation
Prolific Chinese Threat Campaign Targets 100+ Victims
Subdomain Fuzzing worth 35k bounty! | by HX007 | Mar, 2024 | Medium
Lynis: Open-source security auditing tool
Outsmarting cybercriminal innovation with strategies for enterprise resilience
Why is everyone talking about certificate automation?
Cybersecurity jobs available right now: March 19, 2024
How to Backup and Restore Database in SQL Server
Web injections are back on the rise: 40+ banks affected by new malware campaign
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
Surviving the “quantum apocalypse” with fully homomorphic encryption
North Korea-Linked Group Levels Multistage Cyberattack on South Korea
ML Model Repositories: The Next Big Supply Chain Attack Target
Chinese Earth Krahang hackers breach 70 orgs in 23 countries
Investment advisers pay $400K to settle ‘AI washing’ charges
Fortra FileCatalyst RCE bug disclosed; full PoC exploit available
PoC exploit for critical RCE in Fortra FileCatalyst tool released
Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached
Fujitsu finds malware on company systems, investigates possible data breach
Fujitsu: Malware on Company Computers Exposed Customer Data
Brazilian Authorities Arrest Members of Banking Trojan Cybercrime Group
Saudi Arabia's National Cybersecurity Authority Announces the GCF Annual Meeting 2024
Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs on 5 Continents
Microsoft announces deprecation of 1024-bit RSA keys in Windows
4 Ways Cybercrime Could Impact Your Loan Business | by InfoSec Write-ups | Mar, 2024 | InfoSec Write-ups
Fake Google Docs on Google Sites launch AZORult infostealer campaign
Fujitsu suffered a malware attack and probably a data breach
New AcidRain Linux Malware Variant "AcidPour" Targeting Ukraine
Apex Legends players worried about RCE flaw after ALGS hacks
Moldovan Behind E-Root Marketplace Gets US Federal Prison Term
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
AT&T Data Leaked Impacting 70 Million But AT&T Denies Despite Strong Evidence | Daily Security Review
IMF Cybersecurity Breach - Compromised Email Accounts
FBI’s IC3 Report: Losses from Cybercrime Surpass $12.5 Billion—a New Record 
Fujitsu found malware on IT systems, confirms data breach
5 Best Practices for Securing Azure Resources
Tracking Everything on the Dark Web Is Mission Critical
50,000 Vulnerabilities Discovered in DoD Systems Through Bug Bounty
FCC Agrees to Cyber Trust Mark for IoT Products
Update delays to NIST vulnerability database alarms researchers
COTI Announces Upcoming V2 Airdrop Campaign Worth +10M USD
How the New NIST 2.0 Guidelines Help Detect SaaS Threats
Microsoft: 87% of UK Organizations Vulnerable to Costly Cyber-Attacks
Three New Critical Vulnerabilities Uncovered in Argo
Cybersecurity threats escalate
Mandatory cyber requirements after Change Healthcare attack opposed by health sector
Remove WordPress miniOrange plugins, a critical flaw can allow site takeover
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
Dark Web Tool Arms Ransomware Gangs: E-commerce & Aviation Industries Targeted
Deloitte unveils CyberSphere platform for simplified cyber program management
NHS Dumfries and Galloway Warns of “Significant” Data Theft
A Common KQL Mistake in Threat Hunting and Detection Engineering | by Mehmet Ergene | Mar, 2024 | Medium
Application Level DoS - Smoking with ‘null’ Again | by Jerry Shah (Jerry) | Mar, 2024 | Medium
Bug Bounty Platforms are a Scam [Mostly] | by HackthePlanet - A Hacker's Blog. | Mar, 2024 | Medium
More than 740GB of data claimed to be stolen from Viber
Ransomware attack impacts Pennsylvania school district
The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats
Loft Labs simplifies multi-cluster Kubernetes management for Rancher users
Nissan breach exposed data of 100,000 individuals
IMF Investigates Serious Cybersecurity Breach
Benchmarking the Security Capabilities of Large Language Models
Email accounts of International Monetary Fund compromised
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
43 million workers potentially affected in France Travail data breach
South African Government Pension Data Leak Fears Spark Probe
3 Ways Businesses Can Overcome the Cybersecurity Skills Shortage
Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
Public anxiety mounts over critical infrastructure resilience to cyber attacks
The dark side of GenAI
Harnessing the power of privacy-enhancing tech for safer AI adoption
Quicmap: Fast, open-source QUIC protocol scanner
AT&T says leaked data of 70 million people is not from its systems
Microsoft again bothers Chrome users with Bing popup ads in Windows
Threat actors leaked 70M+ records allegedly stolen from AT&T
New acoustic attack determines keystrokes from typing patterns
“gitgub” campaign targets Github users with RisePro info-stealer
Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware
HTB — Netmon. Default creds for the win! | by Dfaults | Mar, 2024 | InfoSec Write-ups
newsletter Round 463 by Pierluigi Paganini
Mastering Cyber Threat Intelligence with Obsidian | by Bank Security | Mar, 2024 | Medium
Wazuh : Presentation & Implementation | by Daouda Diallo | Mar, 2024 | Medium
From LDAP injection till System Privileges | by Muhannad Almalki | Mar, 2024 | Medium
France Travail data breach impacted 43 Million people
Scranton School District suffered a ransomware attack
Hackers Claim Accessing 740GB of Data from Viber Messaging App
Hackers exploit Aiohttp bug to find vulnerable networks
Penetration Testing Microsoft Copilot 365 | by R. Eric Kiser | Mar, 2024 | InfoSec Write-ups
JavaScript Vulnerability Detection: Leveraging Katana and SecretFinder | InfoSec Write-ups
MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€) | by can1337 | Mar, 2024 | InfoSec Write-ups
How much money did I make from doing Bug Bounty? | by Imad Husanovic | Mar, 2024 | Medium
Easiest way to find hidden api from js files | by JEETPAL | Mar, 2024 | Medium
Lazarus APT group returned to Tornado Cash to launder stolen funds
Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
Earning eMAPT: My journey towards becoming an eLearn Security certified. | by Mohammad Hossein Aghaee | Mar, 2024 | Medium
When Malware Packs a Human Form. Disrupting path dependency online & off… | by Linda Margaret | Brain Labs | Mar, 2024 | Medium
How I Found Multiple XSS Vulnerabilities Using Unknown Techniques | by Khaledyassen | Mar, 2024 | InfoSec Write-ups
Diving into Cybersecurity Management — Part One | by Katlyn Gallo | Dark Roast Security | Mar, 2024 | Medium
Don’t Let Google Manage Your Passwords | by PCMag | PC Magazine | Medium
OSINT Techniques for Sensitive Documents That Have Escaped Into The Clear Web | by Christina Lekati | Mar, 2024 | Medium
Free Coursera Courses for Computer Science Students from Reputed Universities | Free Courses on IoT, Data Structure, Algorithms, Computer Architecture | Medium
Ensuring Data Privacy and Patient Confidentiality in the Pharma and Life Sciences Sectors with NextLabs | NextLabs
Bypassing USBGuard on Linux
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG | Home
Gaining kernel code execution on an MTE-enabled Pixel 8 - The GitHub Blog
NSA's Ongoing Chase: Unraveling the Chinese Hack, Volt Typhoon - CIS Security Services
Vulnerability Summary for the Week of March 11, 2024 | CISA
Cisco Completes $28 Billion Acquisition of Splunk - SecurityWeek
Open the Door, Lishi Cowboy - Official Music Video - YouTube
Apex Legends: ALGS Finals DESTROYED by HACKERS!
ICS/OT Penetration Testing of Siemens Simatic S7–1200: A Beginner’s Guide | by Marcel Rick-Cen | Mar, 2024 | Medium
Social Minefield
The one question every developer needs to ask themselves
US is still chasing down pieces of Chinese hacking operation, NSA official says
Generative AI: Shifting the Paradigm with Copilot for Security | by Jad Karaki | Mar, 2024 | Medium
Return Oriented Programming – Buffer Overflow Part 1 – RingBuffer's Blog
Blind SQL Injection in update query for OSWE - PostgreSQL Database | Start With Linux | Mannu Linux
Magnum Atlantic picked and gutted - YouTube
Brief #43: ChatGPT Flaws, Roku Hacked, Tor's WebTunnel
GitHub - xscorp/jsmug: A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
Product security: barking up the wrong tree
Analyzing Pipedream / Incontroller with MITRE/STIX – DiabloHorn
Release v1.0.8 · Fadi002/de4py · GitHub
Russia's ruling party 'hit by cyberattack' during presidential election | Evening Standard
Magnum 2100 Mont Blanc picked - YouTube
884. Modified 7 in 1 Lock Pick Tool - Deep Hook profile filed down and ERA Euro Cylinder Picked Open - YouTube
Information Technology Internship Challenges
GitHub - Geeoon/DNS-Tunnel-Keylogger: Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes.
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
reuters.com
Picking Time Ep.77 Knoxs birthday bash - YouTube
Video Doorbells Sold By Big Retailers Have Major Security Flaws - Consumer Reports
Lock Review: ABUS 55/40 Orange Belt Lock From Amazon - YouTube
Turnstiles from a hacker perspective - Part 1
GitHub - m4rkw/sim-swap-defence: Use push notifications to mitigate sim-swap attacks
Malware Theory - Five Unpacking Methods and Generic Unpacking Approach - YouTube
Proof of concept for NESTJS and Drizzle ORM
Cybersecurity industry mutual-aid sheet (offline edition collection)
Simple proof-of-concept web scraping python file showcased using Wikipedia, although can realistically be applied to a multitude of URLs (will have to include session info for things like Twitter, Instagram, Reddit, etc.)
k8-security
A smart garage door system refers to a setup that allows homeowners to remotely monitor and control their garage door using a smartphone, tablet, or computer. These systems often integrate various technologies to offer convenience, security, and automatio
Learn Laravel Security
security_study
Hacker
Best FREE Open Source Apex HACK
Safety and Security system written in c++
Surrealist VR horror experience/proof of concept of time-looping apartment.
cyber-Security-Dev
Proof-of-concept: Loading Lua scripts for Kiddion's Modest Menu via Stand.
ai-security-controls-graph
Security-Management
learning about hackers
Anika-security-services
Tunnels UDP packets over TCP for unreliable WAN links and security restrictions.
HACKING
This is my task 1 done during my internship of Cyber Security in Prodigy Infotech
Star-Security-Services
Applied_Information_Security
Xamir is a web-based application which utilizes different CLI based security scanning tools to help pentesters quickly gain insight on their targets that they are analyzing.
Elaboration
sub26 (CYDF class)
A proof-of-concept calculator for the collatz conjecture. The code:Prompting users for a value; data-checking it,
Instagram password hacking
VJTI hack
Hacking_Friday
Proof of concept for taffy
An addon for SecurityCraft, adding WTHIT support
Users of a website are experiencing a security issue. Review the DNS & HTTP traffic log, then write up a security incident report.
wa-3392-project-security
Security-Incident-Response-Template
A collection of functions and modules to extend malware functionality.
SpringBoot Security BBS Thymeleaf 2024.03
A project to implement Spring Security with JWT Authentication
spring_security
Security system using ARM7, SIM900 (GSM Module), KY_038 (Sound sensor), MQ_2 (Smoke Sensor), SR03 (Ultrasonic sensor), TTP223 (Touch sensor) and C++ programming language
jwtSecurity연습
StarSecurityServicesAdmin
Python script to check network security
Sudo-Security-Bypass
Penetration-Ethical_Hacking-Testing
security-test
Codebase and Security Audits | GoodGameWellPlayed - $GGWP ERC-20 Token
wa3392-project-security
Cyber-Security-With-IBM-QRadar
Cloud-Security-Managment
Noveck Security Draft
Proof of Concept for SuiteCRM installation
Security
A space for studying Spring Security.
if u can hack anyone's camera u can use this tool without any token
🧪 Proof of Concept for a UI made with Angular v17 and the Angular Material UI component library.
jk_security_management_services
The objective of this project is to create a Python program that generates strong and secure passwords. The program will allow users to specify the length and number of passwords to generate. The generated passwords will meet modern security standards by
Proof-of-concept exploit for CVE-2024-25153.
This is a proof of concept showing how to enforce a dll whitelist in a C++ program. The POC unloads any dll not on the whitelist, leading to unique behaviors or improvements depending on what is unloaded during runtime.
jk-security-management-services
AzSecurity
Authentication-and-Security-Node-Express-PostgreSQL
🧪 Proof of Concept for a UI made with Angular v17 and the Angular Material UI component library.
This repository contains code for detecting fraudulent credit card transactions using advanced machine learning. By employing machine learning algorithms, the code aims to identify fraudulent transactions, helping credit card companies mitigate financial
스프링_시큐리티
CodeSecurityChallenge
ip bypass roblox security's 2024 STILL WORKING
Rate Limiting middleware for Hono web server
hack kaare hain
Payfactory offers embedded payment facilitation services for ISVs and SaaS companies. Our platform enables seamless integration with software systems, minimizing development costs and accelerating revenue. Founded by payment industry veterans, we prioriti
SpringSecurityJwt
eks-security
This Ansible playbook creates a new Linux user and applies minimal security configurations to one or more VPS's.
Payfactory offers embedded payment facilitation services for ISVs and SaaS companies. Our platform enables seamless integration with software systems, minimizing development costs and accelerating revenue. Founded by payment industry veterans, we prioriti
Cookie Run Witch's Castle codes for 30000 free crystals Hacks and mod menu
test-security
sping-security-jwt
Software Development Security Consulting Services Market, our most recent study report just published. The study is meant to help clients improve their business strategies and choices.
A proof of concept for snap configuration sharing across snaps using snapd's aspects
A cyber security audit exercise on a fictional toy company.
Security
A private repository.
Links to the repositories for hack 1 of the SocialOplesk pull requests
Network Security Appliance Market, our most recent study report just published. The study is meant to help clients improve their business strategies and choices.
This is a proof of concept module that demonstrates how to release distributable packages using Dagger, similar to how Goreleaser works.
security-240318
Enhance security with ease. Our password generator ensures robust protection.
FULLY UNDETECTABLE FORTNITE HACK MENU
This data set presents the routers with either no or non-secure encryption in Madison, New Jersey. This is important because hackers can exploit weaknesses in router configuration and lack of encryption to launch attacks that are time consuming and expens
SSRS-Report-Implementation-with-menu-extension-and-security-Dynamics-365
Wifi security analyzer, scan and see info about WIFI AP
A proof of concept pedometer app for Wear OS that plays a sound every time the user takes a step.
Spring-security
Masters in Cyber Security - Applied Cryptography
Software Security vulnerabilities in a web app
A proof of concept repository
Research Work in the Domain of Smart Security
Security-Example-in-Node-js
Proof of Concept of Python and the use of the OpenCV library for image processing for Sumadi
A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1
This repository stores the github action example for security scanning
This Project includes all CRUD Operations of Rest Api and Using MySQL for Database Connection and enabled with Jwt Authentication For Security with defined Roles and Their Privileges.
devsoc hack
A .net game hack framework
CodeAlpha Cyber Security Internship Task :- Phishing Awareness Training
This project aims to recognize license number plates, the project could be useful for security, monitoring, e-challan, etc. In order to detect license number plates, we will use OpenCV to identify number plates and python pytesseract to extract characters
Hacking
Backend application for an e-commerce site developed in Java/Spring, organized into microservices, with Spring Security for authentication, an email service, shopping cart, payment service, etc.
Spring Boot 6 | Spring Security | Simple JWT Auth | Filter chain
WhatsApp-hacking
wa3392-project-security
security
ethical-hacking-project
Pheewww-Wrangler-Proof-of-concept
security
Cyber-Security-with-IBM-QRadar
This repository contains the backend code for an authentication project built with MongoDB, Express.js, and Node.js. It provides a simple yet robust authentication system that allows users to register, login, and logout securely. The project emphasizes se
Delving into the realm of quantum computing for Pi Network, QuantumForge provides a collaborative environment for developing quantum algorithms, cryptographic primitives, and quantum-resistant protocols, ensuring future-proof security in the quantum era.
Disk Spoof Conceal your storage device.GPU Spoof Mask your graphics card details.RAM Spoof Hide your system memory specifications.GUID Spoof Alter your system globally unique identifier.BIOS Spoof Modify BIOS information for added security..System Spoof.M
Welcome to the MAC Address Changer repository, your ultimate toolkit for seamless MAC address manipulation. Whether you're diving into network security testing, privacy enhancement, or simply exploring the realms of network customization, this script has
Flash Feed is a lightweight news aggregator application designed to provide users with up-to-date news articles from Hacker News. Leveraging the Hacker News API, Flash Feed fetches the latest stories, allowing users to browse through headlines, view comme
This is my website for Computer Security Class
hack psu spng 2024
Hacker
Notes summarizing what I studied while reading Spring Security in Action.
This is a repository to hold the code for the University of Arizona hack-a-thon. The prompt is to make a word game with a graphical user interface.
Data Transfer Security Framework refers to a set of protocols, standards, and practices used to ensure the secure transmission of data between systems or across networks.
Sound to musical representation using the Fourier transform
This repository hosts code for detecting phishing websites via machine learning, enhancing internet security by swiftly identifying fraudulent sites.
Devsoc Hack
Our project transforms MCS by focusing on efficiency, security, and privacy. Through the OSU protocol, we enable seamless retrieval of encrypted data, reducing communication and computation. Utilizing Additively Homomorphic Encryption ensures secure data
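This is a community protection app. When a suspicious person is loitering outside the door, it uses MQTT to notify the devices of registered users (residents or guards), who can also view the outdoor camera in real time. Still under development.
Power generation with footsteps on stairs, using the footsteps for advanced security purposes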
Python script for Unify all Parameters with all URLs.
Real-time chat application built with the MERN stack, incorporating Socket.io for live messaging, JWT for authentication, and AES encryption for security.
StudySecurity
Terraform-AWS-Security
Querycute is a Python library simplifying SQL query execution. Its methods streamline database interactions, support parameterized queries for security, and offer easy result retrieval, enhancing developer productivity in managing and manipulating data.
Security_Alarm_System
Easily encrypt and decrypt files for enhanced security and privacy
Prodigy Infotech Cyber Security Internship Task 1
Testing out a hacked up plex package source
spring jwt token spring3
Steganography is the process of concealing sensitive information within other non-secret text or data. You can take up image steganography as an advanced-level cyber security project by concealing coded texts in images.
A proof of concept of generating a UI on top of egui based on configuration
A laser security system with Arduino.
BC PSO Client Deliverable Proof-of-Concept Checklists
A new CFW (Pack) for Nintendo Switch.
A low code game hack with lua engine and local AI libs
Bancolombia Hacking
Spring Boot Security Example
conduct_a_security_audit
KAITeam Repo for City Legends 2024 Hack
For spamming hacking first we need multiple Facebook accounts. For which basically this Messenger 3 has been created
Hack
spring-security-complete-guide
Demo SBOM for Security
Uses RapidAPI Airports api and a simple frontend as a proof of concept.
Security-measurement_E4
Multi-Functional Robotic Car with Object Detection, Voice Control and Live Video Security System
Coding the proof of concept for StuImpact
Prodigy Infotech Cyber Security Internship Task 5
Client_Template_For_Security_Pract
Proof-of-concept for a Java 22 gatherer for zipping two streams
Prodigy Infotech Cyber Security Internship Task 3
Windows Ricing, Privacy, Customization & Optimization. Windows privacy, security, performance, productivity and customization.
Prodigy Infotech Cyber Security Internship Task 2
Quick Express/MongoDB server for Vowsuite proof of concept.
Proof of concept of PostgreSQL message broker in javascript
learn-spring-security-jwt
Proof of concept for python based CAD drawings
CodeAlpha Cyber Security Internship Task :- Network Intrusion Detection System
The blockchain is a system for recording a collection of data in a chain-like way, increasing data integrity, reducing vulnerabilities, and making the data nearly impossible to be hacked.
Integration for a Texecom security panel.
Full stack app used for demo during 2024 BCS hacks
BugDorker: A tailored search engine for bug bounty hunters. Utilizing advanced dorking techniques, it simplifies the discovery of vulnerabilities in web apps. Join the hunt and uncover security weaknesses!
Bot for the Umami restaurant
VTU Notes for MTech Cyber Security
This showcase app highlights reusable, scalable, and modular web development. It uses Dependency Injection for maintainable code, interfaces and inheritance for modularity, and base services for reusability. Authentication, Authorization, and Pagination e
This repo shows a proof of concept of using ketcher with ViteJS.
Proof-of-Concept for a binary ninja plugin that uses CPU Architectures from Ghidra Sleigh
Integrative project submission, phase 3, with Spring Security
Proof of concept of a daily register of hours worked as part of my typescript learning
OneAuth: A secure customer authentication system leveraging React, Keycloak, Spring Resource Server, and a robust database backend. Safeguard your customer data with this comprehensive solution.
Proof of concept for a Sentinel connector based on the Codeless Connector Platform
This is just a demo website created for hack the tank 2.0 of SVNIT
A proof of concept of rotation matrices in order to rotate 2d points around the origin.
hackingcompetition
heal-security-test-assignment
Tool for Hackathon Organizers and Hackers to find if their idea is Unique and Plagiarism free and to provide open source resources to Hackers.
CMPE455 - Security Term Project
JENKINS-CICD-PIPELINE-AND-DEPLOY-TO-KUBERNETES-TAKING-SECURITY-PRACTICES
Internal security research tooling
Test Android app for vulnerability diagnosis and scenario-based hacking
Built a Job Application System using PHP, MySQL, phpMailer, and reCAPTCHA. Streamlined the job application process with secure data submission, including personal details, resumes, and cover letters. Integrated advanced security measures like reCAPTCHA an
Sentinal-Security-System
This is lab assignment of software dev security subject about Simple Password Authentication and Single Sign-On (SSO) with OAuth and OpenID.
HRMS portal, crafted with Java and javax. Manage employees, process payroll, track leave, monitor attendance, and evaluate performance seamlessly. Optimize HR processes with ease and security.
Fusion Hack 2024 ECSS
Backend ServiceSecurity
Pixel Share is an Instagram clone app allowing users to share photos, videos, and stories. It features profile management, content editing tools, explore feed, likes/comments, direct messaging, notifications, search/discovery, and prioritizes privacy/secu
SpringSecurity using JWT
09-security-order-history-secure-backend-and-frontend
Microservice_Security_TP
This microservice implements Two-factor authentication using Google Authenticator. It adds an extra layer of security to your online accounts by adding a second step of verification when you sign in.
Cyber-Security-Portfolio
Machine Learning Security University Project
Code implementation of Ciphers taught in Information Security
Security-JWT-in-JAVA
This project contains a collection of Proof-of-Concept (POC) implementations using Node.
It is a project for practicing spring security
Proof of concept trying to get go-sse working with echo router.
The new low-cost airline “Voling” has asked us to collaborate on a proof-of-concept (PoC) project for its flight booking system.
Hack-o-hire backend
This my proof of concept/testing plugin for Obsidian (https://obsidian.md)
A sample project resembling a home security camera with person detection and face recognition
Game verify solana hack
This repo contains my implementation of the first project from Nand2Tetris (part 2), which converts VM code into Hack assembly code.
Democracy hack weekend 16 – 17 March 2024
Sensors,trackers,hackers, and g-men utilize vision pro to maneuver through the dust
This C-based banking system facilitates account creation, login, deposits, withdrawals, and balance checks. It incorporates email verification for security, with user-friendly interfaces and animations enhancing the user experience.
1.92 Hack DLL
Created python webscraper for Hacker News to merge news items from multiple pages and sort by number of points. Created using BeautifulSoup4 and a OOP paradigm.
🧛 Defangle is the gleam link defanger. Make URLs, IPs, and Emails safe to share.
Disk Spoof Conceal your storage device.GPU Spoof Mask your graphics card details.RAM Spoof Hide your system memory specifications.GUID Spoof Alter your system globally unique identifier.BIOS Spoof Modify BIOS information for added security..System Spoof.M
security-cams-proj
Solutions to homework assignments. Student - Yuldashev Asror, group - (computer security) CS-211, MIEM, HSE.
E-commerce with Java Spring, Spring Security, JPA, dba
"Hack-a-Bot" Hackathon - "Extraterrestrial Rover" Challenge
REST-API-Cloud-Security
A String Obfuscation Proof-of-Concept
Infomation-Security
A dark, cynical FireRed hack, with similar gameplay to the original.
Stock Control Supervisor
horizon_dashboard: administration and employee management page for horion security
Proof of concept of the Lore Loom for ETH London 2024. An attempt at binding the act of governance to the art of storytelling, onchain.
This project is an API that allows users to save their passwords, manage them, generate random passwords based on a number of given parameters. The API should rely on security best practices to safely store and manage passwords in its data stores
ChatGPT Jailbreaks, GPT Assistants Prompt Leaks, GPTs Prompt Injection, LLM Prompt Security, Super Prompts, Prompt Hack, Prompt Security, Ai Prompt Engineering, Adversarial Machine Learning.
Securityweb
Calvin Hacks 2024 project
Simple banking application for db security course.
Github Repo of team Predictive Powerhouses for their ML project in the event Hack Quest of Avishkar 2024
This tools only use for educational purposes|×_×|
Cloud Challenge SEC
JWT with Spring Boot 6
Spring Security JWT
Security Study Notes
Spring Security With JWT
CopilotForSecurity
DNSVMS offers automated network scanning and vulnerability analysis with a distributed setup. Utilizing Nmap and AI for scanning and advanced analysis, it features a user-friendly web interface for easy operation. Ideal for enhancing network security for
Team BizEng's Github for the Hack The Globe Hackathon
The repo is to demonstrate the micro services with spring security
Food_security_urban_GAEZ_Paper_3
Competition entry for the IT Purple Hack hackathon. Case: solving business problems related to CLTV for Alfa-Bank.
CryptoGuardian is a user-friendly Streamlit app offering powerful hashing functionalities for data integrity and security. This app supports various hash algorithms, allows users to compare hashes, and provides additional features like password hashing.
TestSecurity
Security-Paper-Learing
Paytm clone is a robust and scalable platform built on the MERN (MongoDB, Express.js, React.js, Node.js) stack, offering users a comprehensive suite of financial services. With a user-friendly interface and cutting-edge security features, our platform ens
ASMA SECURITY SERVICES is a security company in the coastal region of Kenya
NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
dcoms section of the info security tutorial on free code camp
Project BookStore SpringBoot(Spring Security + Spring Data JPA) + Thymeleaf + MySQL
Hack Assembler using C language
Cybersecurity Hack the Flag project
full stack message board proof of concept
Educational game focused on cyber security
basic spring security impl
Empower your security with personalized and strong passwords! This repository provides a robust password generation tool that adapts to your preferences. Tailor your passwords by specifying the level of strictness.
Data security and Cryptology project: Secure email exchange with LEA in OFB mode, Elliptic curve El-Gamal, RSA signature.
STARPREDICTORV8 BLOXFLIP GAMBLING HACK
cyber-security
PP_3_1_2_Boot_Security
Secure Security Camera Management and Image Processing with AI
Learning-Cyber-Security
A repository recording my study of JWT and Spring Security.
The DevNet Web Security Library
A bash script that utilizes quantum encryption algorithms to secure sensitive data. The script could leverage quantum properties such as entanglement and superposition to encrypt and decrypt information, providing an extra layer of security.
Hack accounts, spam conversations, create a lot of fake conversation, and ... (harfeto.timefriend.net)
An archiving tool for Hacker News
Orderly API Gateway orchestrates request routing within the Orderly RMS, leveraging Kong and Nginx for robust API management. It streamlines interactions between clients and services, enhancing security, managing traffic, and ensuring high availability.
An Open-Source, Cross-Platform TOTP Management Solution for Enhanced Security and Convenience
WildHut Dashboard offers seamless guest booking management, encompassing check-ins, check-outs, and cabin data, all underpinned by robust authentication and authorization mechanisms for enhanced security and control.
My HarvardX CS50 Projects and Notes
This is a mobile application developed using React Native and Firebase, designed to facilitate coffee ordering for users. The app provides a seamless experience for browsing coffee options, adding them to cart, managing wish lists, and completing orders s
A demo repository to show off GitHub Advanced Security.
SpringSecurity
I'm creating a hotel booking app using Spring Framework and Spring Security. The name of this application is CressyHotels and this app can perform various operations such as booking a room, filtering rooms etc. Technologies I'm using for this applicatio
it is a cyber security tool
Charudatta's blog, hosted on GitHub, features a collection of insightful articles and musings. Charudatta, an AI-ML engineer from India, delves into topics like privacy, data security, and GANs. With a focus on open source and a penchant for learning, Cha
A to-do sharing website built with Spring Security and JPA
Cyber Security Certificates
openshift-security-roadshow
currently developing a note management app using the MERN stack with TypeScript. focus is on implementing robust user security measures, including authentication, to ensure data privacy and protection. Additionally, emphasizing a minimalistic user interfa
This repo contains the map that I will host on the (In)Security lab website.
HACK THE BOX CHEAT SHEET
This is a set of xml enabling custom systems like Switch, 3DS and hacks of gb,gbc,gba,nes, snes and gen
Valhalla Vault Cyber Awareness is a project aimed at developing a Minimal Viable Product (MVP) for an app focused on cyber awareness and education, particularly targeting IT security.
A proof of concept on how to use Ginkgo to build tests and explore the advantages of using it against using only the testing library.
This repository will contain solution to Hacker Rank problems in C#.
WARNING: This is a proof-of-concept idea - it might be removed again
HACK the SPRING - HACKATHON Team MiNOR PIECES
This is a security system, built from the ground up with a Raspberry Pi and a self-implemented convolutional neural network to observe a house entrance
high_security_firmaware
Studying Internet Security
Material for Build a Microsoft Fabric Proof of Concept in a Day (Training Day at 2024)
😼 Open source Tines / Palo Alto XSOAR alternative.
Haxball py code, basically a hack
My blog for annotations and little 'hacks' that I found helpful in my programming journey.
HomeSecurityUI
Project name: Chord Hands. Code for submitted project for Hack Pompey 2024 on the 16th of March.
A lightweight, cross-platform port scanning tool for network analysis and security assessment.
Build CML Image for Becoming a Hacker Lab on EC2 Image Builder
Anti-fraud app with Spring Security
Orderly Database Infrastructure with Terraform focuses on the setup and management of the database infrastructure for the Orderly API. By employing Terraform, it ensures that database provisioning aligns with the principles of Infrastructure as Code, prov
This senior capstone project is by Hayden Sapp and Emma McLeod for the Cyber Intelligence and Security degree program at Embry-Riddle Aeronautical University Prescott.
security.oauth2.jwt
Real-time Hacker News stories with RAG and Milvus
Penetration testing of web applications can identify security vulnerabilities in databases, source code, and backend networks of web-based applications. It can not only identify vulnerabilities but also help prioritize them and provide solutions to mitiga
Smart-Sound-to-Speech-Interpreter-for-Security-and-Notification-Systems
Battlemech Blast is a web3 game based on wax trading platform that offers decentralized transactions while ensuring security through blockchain.
Introduction-to-Cyber-Security
eBPF based security sensor for IoT and Runtime security
For spamming hacking first we need multiple Facebook accounts. For which basically this Facebook 11 Lite has been created
spring-security-jwt
codehawks-security-portfolio
SpringStudy-Security
ExamSandbox is a secure examination platform using Docker for isolated code execution. Ideal for educational assessments, it offers a user-friendly interface, robust security measures, and detailed result evaluations.
mod-security-docker
A comprehensive, step-by-step guide to help new users navigate the privacy-focused, security-hardened mobile OS based on Android. Learn how to purchase a device, install and configure GrapheneOS, and make the most of its unique features. Includes best pra
TRADES Tool for designing and analysing the security posture of systems
Information Security
Curve25519 Python Code. It is an elliptic curve used in Elliptic Curve Cryptography (ECC) that provides 128 bits of security with a 256-bit key size.
Proof of concept for a translation app using Large Language Models.
An academic project developed for IT352 Information Assurance and Security course at NITK Surathkal, implementing a novel chaotic PRNG for secure image encryption. Features include a unique combination of chaotic maps, robust image cipher system, and a us
Share your files like never before with Phoenix Share. Phoenix Share is an open source file sharing platform that combines the simplicity of Express.js with the speed and security of a phoenix.
A reading list for large models safety, security, and privacy.
Active-Directory-Detection-and-Security
A metaverse project for reva hack
security-bez-tabu
Configuration files and settings to personalize my Linux system. Includes shell (bash), text editor (emacs), Git, and more. Clone, customize, and contribute. Happy Hacking
A proof of concept for combing Interact.js and PDF.js to create a manipulatable media viewer.
ASPNET security functional libraries.
holbertonschool-cyber_security
SpringBoot3-Security-JWT
A full-featured, hackable Next.js AI chatbot built using my chat UI components
PurPost blog server-side version repository. Developed with Spring Boot, Spring Cloud, Spring Security, JWT and others tools.
Suite of security-oriented serverless microbenchmarks
SecurityNew
TryHackMe-CTF-Writeups is a collection of writeups and solutions for Capture The Flag (CTF) challenges from TryHackMe CTF Rooms. This repository is a valuable resource for security enthusiasts, penetration testers, and anyone interested in honing their ha
one-to-one chat application built on STOMP, secured with spring security and oauth2-google-authentication
Practical task 3.1.3
Just A Rather Very Intelligent Security Toolkit
Distributed Ed25519 Database
Offensive security notes & scripts.
di-ps-kubernetes-security
SUN Lab Security Login System
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
Proof of concept video delivery platform
🔬 Proof of Concept of extracting content from PDF files using multiple PDF libraries
Various Proof of Concepts
It's easy to use, plug-in django app that once included, stores logins history (with device data, like IP, user-agent, location etc.) of all users
This repository includes code for the AutoML-based IDS and adversarial attack defense case studies presented in the paper "Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis" published in IEEE Transactions on Network and Service Man
An application designed to keep your data yours.
CTF Writeup including upsolve / Hack The Box Writeup
☁ OneDrive public directory listing, based on onedrive-vercel-index, the secondary development Onedrive project fixes security vulnerabilities and improves performance, and provides Docker environment deployment solutions. Based on onedrive-vercel-index, fixes security vulnerabilities and
A Fedora Silverblue image that has been hardened for extra security
Proof of Concept for Mkdocs based support pages.
Complete, modular package for managing an alarm in Home Assistant
A prompt injection game to collect data for robust ML research
A Cloud Playground for Wireless Security
Syracuse Masters in Cyber Security
Cryptography and Security course at FIT CVUT
War Crimes Prevention Security Systems
SAQ-PIx (Simplified Analog Q-Pix) is a proof of concept of the Q-Pix method. This is a second generation model of SAQ-Pix using a similar commercial technique. Additionally, the modularity of it allows for the model to have a functional usage for experime
MetaMask Snap designed to protect your crypto with transaction insights and proactive security alerts.
Safeguard your .NET MAUI app effortlessly by preventing content exposure, screenshots, and recordings with ease.
Documentation site for https://clace.io. Clace is a web server which makes self-hosting web applications easy.
Hacking With Swift "Ultimate Portfolio" multi-platform demo project.
Analysis of vulnerabilities I discover during security audit || CTF (Capture the Flag)
split-security
Incident Notification Platform by @NC3-LU
Collection of scripts for visual analysis of various financial securities
Autonomous computing (Web4) runtime.
cue lang proof of concept
Proof Of Concepts: implement your own shared ptr
This is an app I developed for my bachelor's degree thesis. It's a proof-of-concept app for a new software engineering standard that would be used as a wizard app/guide by an engineer in accomplishing their tasks in accordance with the standard's requirem
Ontolocy Python library for cyber security graphs
Cyber Security: Development of Network Intrusion Detection System (NIDS), with Machine Learning and Deep Learning (RNN) models, MERN web I/O System. The deployed project link is as follows.
A proof-of-concept AXIS Tracker to VRChat OSC Bridge
DDD microservice architecture built with Gradle: micro service, spring boot, spring cloud, spring alibaba cloud, dubbo, sentinel, seata, oauth2, gateway, spring-security-oauth2-authorization-server
The repository has ciphers: AES, RSA, El-gamal, GOST Stribog, GOST 34.10.2018
Demo Repository for PoC (Proof-of-Concepts)
Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers
Collection of scripts that I find useful on red team engagements. Most of these are to help with efficiency and quality of life for the operator.
Config data for m2-security
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
A simple proxy tunnel, minimalist tool for bypassing the GFW.
It's a hack for starve.io; updates are coming
🔬 Proof of Concept of Bowling Kata TDD in .NET
Proof-of-concept on how Antora can be used for Keycloak
Security module for Vanilla Furniture Expanded for RimWorld.
Documentation repository for security-compliance
Notes I took while preparing for eJPT certification by eLearn Security (passed 19/20)
indy-security
Security library for Spring Webflux: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
A list for Web Security and Code Audit
Security Challenge Admission
Setup guide for NextDNS, a DoH proxy with advanced capabilities.
Dissertation project: a job application tracking tool with modern security features integrated. The cheesy name plays on the notion 'sandwich degree' students filling their degrees with an industrial placement.
The Ruby Gem that Powers Entitlements - GitHub's Identity and Access Management System
Welcome to TheCyberHUB, a community-driven platform for hackers, cybersecurity enthusiasts, and IT professionals. Our platform provides a variety of free resources, including Capture The Flag (CTF) challenges, courses, blogs, forums, and much more.
A secure low code honeypot framework, leveraging AI for System Virtualization.
Hestia.Security
An example of how Entitlements can be configured
Lichen is a Ethereum utility that runs locally on your desktop with a focus on privacy and security.
insta-follow-botz . Instagram hacks bot with instagram report ,followers , information gathering , instagram hacking
Security_one_by_one
卡兔 - a card management assistant WeChat mini program
Core componentry for the Ziti browZer ecosystem (used internally by ziti-browzer-runtime and ziti-sdk-browzer)
Pet container for hacking on CoreOS
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
ethical-hacking-tools
Documents about security for the MBO
A hack for White Day: A Labyrinth Named School. See readme.
Hyperparameter, Make configurable AI applications.Build for Python hackers.
NodeSecure runtime configuration
A system to detect attacks on the network and find vulnerabilities in the system
Hourly updated database of exploit and exploitation reports
Collection of filters to fill in the gaps
Based on the book, Bayesian methods for hackers
Microsoft Office 365 Security Score Add-on for Splunk, created and maintained by CrossRealms International.
Information Keeping Web Application using Spring Boot, Spring Data JPA, Thymeleaf Templating Engine and Spring Security. Deployed on Amazon elastic beanstalk.
KeygenGenerator-ESET_HOME_Security_Premium
It focuses on collecting all Metal Slug NeoGeo MVS/AES, all kinds of roms that have ever existed, All Lost Media Predecrypted, Decrypter, Earlier And Bootleg, Decrypter Darksoft, Neo SD And Hack
All published CVE and their recent changes, ready to be used by humans and machines
Electronic Health Record (EHR) and Electronic Medical Record (EMR) systems. However, they still face some issues regarding the security of medical records, user ownership of data, data integrity etc. The solution to these issues could be the use of a nov
The Autograph protocol
Make openssl certificates.
Proof of concept that decorators can be provided in completions
'Proof of concept' for JupyterLab
Adds Security headers to Etherpad Express responses, including CSP(content security policy) and X-Frame-Origin
Portability shim for OpenBSD's rpki-client
CVEs <--> Metasploit-Framework modules
Snoop is a reconnaissance tool based on open data (OSINT world)
React/Bootstrap frontend and NodeJS/MongoDB backend for Hacker News, shows top articles (responsive)
Web framework designed for speed, security, and SEO — all powered by Hugo and npm.
Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
application-hacking-books
💫 About Me: 🌱 I’m currently learning Web Application Penetration Testing, Binary Exploitation, Reverse Engineering. 💬 Ask me about Ethical Hacking, Network Security, Cryptography.
Hackable Laser software for the K40 Stock-LIHUIYU laser boards.
JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.
🔐 Out of the box stateless openvpn-server docker image which starts in less than 2 seconds
Notebooks and Exercises for Network Security and Cryptography
Kee Vault is a password manager for your web browser. Password databases (Vaults) are encrypted using the KeePass storage format before being sent to a remote server for synchronisation across any modern device/browser
Proof of concept to create microservices using Spring 5 and related technologies
Compilation of commands for hacking tasks and security tools as a bit of everything
ubuntu-security-podcast
Data scraper and API for Hacker News posts
Kernel Hacking Utilities.
Cliff Click Language Hacking
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
A PHP Content-Security-Policy header generator
A demo project for Spring Boot / Data / security, social / oauth2 logons, JWT, Mongo, SpringBootAdmin, Docker, docker-compose, Github Actions and stateless apps
Install and configure postfix on your system.
Log of Hacker News submissions and comment threads https://westurner.github.io/hnlog
TagMo for 3ds (Alpha/Proof of Concept)
security.mstacm.org
Ansible role for OpenSSH configuration implementing Mozilla’s OpenSSH security guidelines
Ansible role implementing unattended security update policy
http://firewalla.com
securityonionsolutions-com.github.io
NullAwesome: 2D hacking puzzle platform game
Pterodactyl® is a free, open-source game server management panel built with PHP, React, and Go. Designed with security in mind, Pterodactyl runs all game servers in isolated Docker containers while exposing a beautiful and intuitive UI to end users.
wolfSSL product manuals and documentation.
Repository for the Lemur Certificate Manager
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Apache Syncope
Don't pass the referring URL to third parties. This handles the security/privacy issue where you don't want the third party service to know your pad URL
Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.
CVE-2023-40275 -- An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to _common/search/searchByAjax/patientslistShow.jsp.
CVE-2023-40276 -- An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp.
CVE-2023-40277 -- An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in the login.jsp message parameter.
CVE-2023-40280 -- An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp.
CVE-2024-2620 -- A vulnerability has been found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this vulnerability is an unknown functionality of the file api/client/down_file.php. The manipulation of th
CVE-2024-2621 -- A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwd_update.php. The manipulation of the arg
CVE-2024-2622 -- A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterp
CVE-2018-25099 -- In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.
CVE-2021-47154 -- The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
CVE-2021-47155 -- The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
CVE-2021-47156 -- The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
CVE-2021-47157 -- The Kossy module before 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling.
CVE-2022-47036 -- Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for "debug login" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware;
CVE-2022-47037 -- Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials.
CVE-2023-39223 -- Stored cross-site scripting vulnerability exists in CGIs included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser.
CVE-2023-39933 -- Insufficient verification vulnerability exists in Broadcast Mail CGI (pmc.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a user who can upload files through the product may execute an arbitrary exe
CVE-2023-40160 -- Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a remote attacker may obtain arbitrary files on the server.
CVE-2023-40747 -- Directory traversal vulnerability exists in A.K.I Software's PMailServer/PMailServer2 products' CGIs included in Internal Simple Webserver. If this vulnerability is exploited, a remote attacker may access arbitrary files outside DocumentRoot.
CVE-2023-41334 -- Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the `TranformGraph().to_dot_
CVE-2023-52159 -- A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that c
CVE-2023-6821 -- The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 contains a vulnerability that allows you to read and download PHP logs without authorization
CVE-2023-7085 -- The Scalable Vector Graphics (SVG) WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.
CVE-2023-7236 -- The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors
CVE-2023-7250 -- A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting
CVE-2024-0365 -- The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by administrators.
CVE-2024-0711 -- The Buttons Shortcode and Widget WordPress plugin through 1.16 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and abo
CVE-2024-0719 -- The Tabs Shortcode and Widget WordPress plugin through 1.17 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above
CVE-2024-0779 -- The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation and CSRF in various function hooked to admin_init, allowing unauthenticated users to call them and unlink arbitrary users Instagram Account for e
CVE-2024-0780 -- The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action
CVE-2024-0820 -- The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
CVE-2024-0858 -- The Innovs HR WordPress plugin through 1.0.3.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding them as employees.
CVE-2024-0951 -- The Advanced Social Feeds Widget & Shortcode WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html
CVE-2024-0973 -- The Widget for Social Page Feeds WordPress plugin before 6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is
CVE-2024-1013 -- An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
CVE-2024-1331 -- The Team Members WordPress plugin before 5.3.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the author role and above to perform Stored
CVE-2024-1333 -- The Responsive Pricing Table WordPress plugin before 5.1.11 does not validate and escape some of its Pricing Table options before outputting them back in a page/post where the related shortcode is embedded, which could allow users with the author role and ab
CVE-2024-1604 -- Improper authorization in the report management and creation module of BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users to read and make unauthorized changes to any reports available within the application, even without proper permissions.
CVE-2024-1605 -- BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute
CVE-2024-1606 -- Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a
CVE-2024-1658 -- The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform
CVE-2024-1753 -- A flaw was found in Podman Build and Buildah which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source a
CVE-2024-1753 -- A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a
CVE-2024-2002 -- A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.
CVE-2024-20745 -- Premiere Pro versions 24.1, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vict
CVE-2024-20746 -- Premiere Pro versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus
CVE-2024-20752 -- Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a m
CVE-2024-20754 -- Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such a
CVE-2024-20755 -- Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim m
CVE-2024-20756 -- Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op
CVE-2024-20757 -- Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue
CVE-2024-20761 -- Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope
CVE-2024-20764 -- Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue r
CVE-2024-20767 -- ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access
CVE-2024-21652 -- Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a chain of vulnerabilities, including a Denial of Service (DoS) flaw and in-memory data storage weakness, to eff
CVE-2024-21661 -- Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inope
CVE-2024-21662 -- Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can effectively bypass the rate limit and brute force protections by exploiting the application's weak cache-based mechanism
CVE-2024-21824 -- Improper authentication vulnerability exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may imperson
CVE-2024-22257 -- In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to
CVE-2024-22412 -- ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access control
CVE-2024-22475 -- Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for
CVE-2024-23138 -- A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the
CVE-2024-23139 -- An Out-Of-Bounds Write Vulnerability in Autodesk FBX Review version 1.5.3.0 and prior may lead to code execution or information disclosure through maliciously crafted ActionScript Byte Code “ABC” files. ABC files are created by the Flash compiler and cont
CVE-2024-23333 -- LDAP Account Manager (LAM) is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LA
CVE-2024-23604 -- Cross-site scripting vulnerability exists in FitNesse all releases, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with specially crafted multip
CVE-2024-24230 -- Komm.One CMS 10.4.2.14 has a Server-Side Template Injection (SSTI) vulnerability via the Velocity template engine. It allows remote attackers to execute arbitrary code via a URL that specifies java.lang.Runtime in conjunction with getRuntime().exec follow
CVE-2024-24539 -- FusionPBX before 5.2.0 does not validate a session.
CVE-2024-24578 -- RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices. RaspberryMatic / OCCU prior to version 3.75.6.20240316 contains an unauthenticated remote code execution (RCE) vulnerability, caused by multiple issues within the J
CVE-2024-2496 -- A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This fl
CVE-2024-25654 -- Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensitive data stored
CVE-2024-25655 -- Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully au
CVE-2024-25656 -- Improper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS can result in unauthenticated CPE (Customer Premises Equipment) devices storing arbitrarily large amounts of data during registration. This can potentially lead to D
CVE-2024-25657 -- An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authenticated users to malicious websites.
CVE-2024-2569 -- A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin-manage-user.php. The manipulation leads to execution after redirect. The at
CVE-2024-2570 -- A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect. It is possible to initiate th
CVE-2024-2571 -- A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be
CVE-2024-2572 -- A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be
CVE-2024-2573 -- A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file /task-info.php. The manipulation leads to execution after redirect. It is possible to launch the attac
CVE-2024-2574 -- A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization
CVE-2024-2575 -- A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument task_id leads to
CVE-2024-2576 -- A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument admin_id leads to authorization bypass. It is
CVE-2024-2577 -- A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /update-employee.php. The manipulation of the argument admin_id leads to authorization byp
CVE-2024-2581 -- A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attac
CVE-2024-2584 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retri
CVE-2024-2585 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send_2.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and ret
CVE-2024-2586 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information
CVE-2024-2587 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_khet_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and
CVE-2024-2588 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/admin/index.php, in the 'id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information
CVE-2024-2589 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_school_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server a
CVE-2024-2590 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/mail/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retri
CVE-2024-2591 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_group.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retri
CVE-2024-2592 -- Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/pic_show.php, in the 'person_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve a
CVE-2024-2593 -- Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/bookdetail_group.php, in the 'b_id' parameter. This vulnerability c
CVE-2024-2594 -- Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/admin/index.php, in multiple parameters. This vulnerability could allow a remote atta
CVE-2024-2595 -- Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/bookdetail_khet_person.php, in the 'b_id' parameter. This vulnerabi
CVE-2024-2596 -- Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/mail/main/select_send.php, in multiple parameters. This vulnerability could a
CVE-2024-2597 -- Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/bookdetail_school_person.php, in the 'b_id' parameter. This vulnera
CVE-2024-2598 -- Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /amssplus/modules/book/main/select_send_2.php, in multiple parameters. This vulnerability could
CVE-2024-2599 -- File upload restriction evasion vulnerability in AMSS++ version 4.31. This vulnerability could allow an authenticated user to potentially obtain RCE through webshell, compromising the entire infrastructure.
CVE-2024-2604 -- A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted upload. The atta
CVE-2024-26063 -- Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information,
CVE-2024-26064 -- Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into a webpage. Malicious JavaScript may be executed in a victim’s br
CVE-2024-26080 -- Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a
CVE-2024-26118 -- Adobe Experience Manager versions 6.5.19 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be execut
CVE-2024-26119 -- Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized a
CVE-2024-26125 -- Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a v
CVE-2024-27096 -- GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in the search engine to extract data from the data
CVE-2024-27098 -- GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been pa
CVE-2024-27104 -- GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. A user with rights to create and share dashboards can build a dashboard containing javascript code. Any user that
CVE-2024-27757 -- flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."
CVE-2024-27914 -- GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected XSS
CVE-2024-27930 -- GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been
CVE-2024-27937 -- GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.
CVE-2024-27974 -- Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such
CVE-2024-28039 -- Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service (DoS) condition.
CVE-2024-28054 -- Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict (relative to some mail user agents) when there are multiple boundary parameters in a MIME email message. Consequently, there can be an
CVE-2024-28125 -- FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands.
CVE-2024-28128 -- Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a speciall
CVE-2024-28237 -- OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to configure or talk a victim with administrator rights into configuring a webcam
CVE-2024-28248 -- Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the
CVE-2024-28249 -- Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's
CVE-2024-28250 -- Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.8 and 1.15.2, in Cilium clusters with WireGuard enabled and traffic matching Layer 7 policies Wireguard-eligib
CVE-2024-28537 -- Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.
CVE-2024-28547 -- Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the firewallEn parameter of formSetFirewallCfg function.
CVE-2024-28550 -- Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function.
CVE-2024-28745 -- Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' App for Android via Intent. If this vulnerability is explo
CVE-2024-28855 -- ZITADEL, open source authentication management software, uses Go templates to render the login UI. Due to an improper use of the `text/template` instead of the `html/template` package, the Login UI did not sanitize input parameters prior to versions 2.47.3
CVE-2024-28864 -- SecureProps is a PHP library designed to simplify the encryption and decryption of property data in objects. A vulnerability in SecureProps version 1.2.0 and 1.2.1 involves a regex failing to detect tags during decryption of encrypted data. This occurs wh
CVE-2024-28865 -- django-wiki is a wiki system for Django. Installations of django-wiki prior to version 0.10.1 are vulnerable to maliciously crafted article content that can cause severe use of server CPU through a regular expression loop. Version 0.10.1 fixes this issue.
CVE-2024-29151 -- Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI.
CVE-2024-29154 -- danielmiessler fabric through 1.3.0 allows installer/client/gui/static/js/index.js XSS because of innerHTML mishandling, such as in htmlToPlainText.
CVE-2024-29156 -- In OpenStack Murano through 16.0.0, when YAQL before 3.0.0 is used, the Murano service's MuranoPL extension to the YAQL language fails to sanitize the supplied environment, leading to potential leakage of sensitive service account information.
CVE-2024-24867 -- Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic). This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4.
CVE-2024-2534 -- A vulnerability, which was classified as critical, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This affects an unknown part of the file /admin/users.php. The manipulation of the argument user_id leads to sql injection. It is
CVE-2024-2535 -- A vulnerability has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/users.php. The manipulation of the argument id leads to cross site scri
CVE-2024-2546 -- A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack ca
CVE-2024-2547 -- A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remote
CVE-2024-2553 -- A vulnerability, which was classified as problematic, was found in SourceCodester Product Review Rating System 1.0. Affected is an unknown function of the component Rate Product Handler. The manipulation of the argument Your Name/Comment leads to cross si
CVE-2024-2554 -- A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument admin_id leads to
CVE-2024-2555 -- A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection
CVE-2024-2556 -- A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possi
CVE-2024-2557 -- A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin.php. The manipulation leads to improper authorization. The attack can be initiated
CVE-2024-2558 -- A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack
CVE-2024-2559 -- A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack rem
CVE-2024-25591 -- Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor. This issue affects WP Editor: from n/a through 1.2.7.
CVE-2024-2560 -- A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can
CVE-2024-2561 -- A vulnerability, which was classified as critical, has been found in 74CMS 3.28.0. Affected by this issue is the function sendCompanyLogo of the file /controller/company/Index.php#sendCompanyLogo of the component Company Logo Handler. The manipulation of
CVE-2024-2562 -- A vulnerability, which was classified as critical, was found in PandaXGO PandaX up to 20240310. This affects the function InsertRole of the file /apps/system/services/role_menu.go. The manipulation of the argument roleKey leads to sql injection. It is pos
CVE-2024-2563 -- A vulnerability has been found in PandaXGO PandaX up to 20240310 and classified as critical. This vulnerability affects the function DeleteImage of the file /apps/system/router/upload.go. The manipulation of the argument fileName with the input ../../../.
CVE-2024-2564 -- A vulnerability was found in PandaXGO PandaX up to 20240310 and classified as critical. This issue affects the function ExportUser of the file /apps/system/api/user.go. The manipulation of the argument filename leads to path traversal: '../filedir'. The a
CVE-2024-2565 -- A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the argument file leads
CVE-2024-2566 -- A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/get_extension_yl.php. The manipulat
CVE-2024-2567 -- ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup File Handler. The ma
CVE-2024-2568 -- A vulnerability has been found in heyewei JFinalCMS 5.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/div_data/delete?divId=9 of the component Custom Data Page. The manipulation leads to sql in
CVE-2024-25903 -- Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager. This issue affects Frontend File Manager: from n/a through 22.7.
CVE-2024-25933 -- Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice. This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7.
CVE-2024-27957 -- Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register. This issue affects Pie Register: from n/a through 3.8.3.1.
CVE-2024-27958 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Visualizer allows Reflected XSS. This issue affects Visualizer: from n/a through 3.10.5.
CVE-2024-27959 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS. This issue affects WC Shop Sync – Integrate
CVE-2024-27960 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Email Subscription Popup allows Stored XSS. This issue affects Email Subscription Popup: from n/a through 1.2.20.
CVE-2024-27961 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS. This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0.
From Russia, Elaborate Tales of Fake Journalists | Russia has unleashed a torrent of disinformation to try to discredit Ukraine’s leader, Volodymyr Zelensky, and undermine the country’s support in the West. nytimes.com/2024/03/18/busin… @nytimes -- 780thC
A new variant of the wiper malware used to disrupt Ukrainian military communications at the onset of the Russian invasion emerged over the weekend | cyberscoop.com/viasat-malwar… @CyberScoopNews -- 780thC
AhnLab SEcurity intelligence Center (ASEC) recently discovered the Andariel group’s continuous attacks on Korean companies. asec.ahnlab.com/en/63192/ @AhnLab_ASEC -- 780thC
Securonix Threat Research Security Advisory: Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware: securonix.com/blog/securonix… @Securonix -- 780thC
We are pleased to share this compelling article by @LeBlogDuHacker, helping our French readers and users familiarize themselves with the capabilities of our #Sandbox and #Threatintelligence 😎 Click on the link to dive in! leblogduhacker.fr/any-run-th… -- anyrun_app
NoName continues to target Greece. - Greek Point of Single Contact - Ministry of Infrastructure and Transport #Greece #ddos #threatintel #cti #cyberattack -- FalconFeedsio
Is TikTok really a danger to the West? What are the three biggest cyber concerns about TikTok, and how does the company respond to them bbc.co.uk/news/technology-64… -- joetidy
SonicWall researchers analyse a new variant of WhiteSnake, which can steal critical sensitive data from compromised systems. blog.sonicwall.com/en-us/202… -- virusbtn
Trend Micro's @jspchc & @thehellu look into a new APT campaign, named Earth Krahang, targeting several government entities worldwide, with a strong focus on Southeast Asia. Their investigation identified multiple links between Earth Krahang & Earth Lusca. -- virusbtn
We've just released the Q1 2024 VBSpam report: once again, the tested solutions were able to block most spam, with the exception of some phishing & malware samples - usually non-English emails or ones that were part of short and effective campaigns. virus -- virusbtn
Excellent overview of glibc heap exploitation techniques by @0xricksanchez 0x434b.dev/overview-of-glibc… #glibc #cybersecurity -- 0xor0ne
BianLian #ransomware group has added Dr Daniel Leeman ENT (drleeman.com) to their victim list. #USA #bianlian #databreach #darkweb #cyberattack -- FalconFeedsio
HUNTERS INTERNATIONAL #ransomware group has added 2 new victims to their #darkweb portal. - AGL 🇨🇳 - HSI 🇪🇸 #China #Spain #huntersinternational #darkweb #databreach #cyberattack #cti -- FalconFeedsio
Russian Cyber Army claims to have targeted the website of Hostiko of Ukraine. #Ukraine #ddos #cyberattack #cti #threatintel -- FalconFeedsio
🤔 -- malwrhunterteam
😂 -- malwrhunterteam
Microsoft must be proudly hosting this @Bitstamp phishing: https://bitsmap.azurewebsites[.]net/ 🤷‍♂️ -- malwrhunterteam
Group: qilin | Approx. Time: 02:44 19/03/24 | Title: t.me/+OVXlbwml5bE5YWQ0 -- RansomwareNews
LockBit posts Earnest Health Hospitals again for the third time. -- alvieriD
#cobaltstrike virustotal.com/gui/file/4ce2… #opendir hxxp://122.51.120.170:8181/ -- petrovic082
Apologies for the multiple posts some of you may have seen or received notifications for. There was a miscommunication and we didn't convey information correctly. -- vxunderground
Hello, We were tipped off to two different healthcare facilities which are close to being extorted and/or having their data stolen. One is in Australia, one is in France. If you're a CERT Australia or CERT France, please contact us. Thanks, -- vxunderground
Hello, how are you? Lots of updates today. Believe it or not, we actually have a lot more to add besides this. We've decided to upload it in increments so we don't bomb your timeline. Cheers, Papers: - 2024-03-18 - Abusing SeTrustedCredmanAccessPrivilege to -- vxunderground
I hear that many people attended the online company information session the other day. Thank you very much. We plan to hold another company information session within the month, so if you are interested, please consider attending (whether or not you attend the session has no effect on selection). -- 58_158_177_102
There are no bugs that lead to remotely exploitable conditions in modern PC gaming engines... ;-) -- hackerfantastic
The plot thickens... trainer mode activated in eSports league, anticheat system claims it wasn't hacked... Yet this ingame trainer system begs to disagree. -- hackerfantastic
Microsoft must be proudly hosting this @Trezor phishing: https://treszorwallest.azurewebsites[.]net/ 🤷‍♂️ -- malwrhunterteam
"NVUnityPlugin.dll" seen from Pakistan: 09d152aa2b6261e3b0a1d1c19fa8032f215932186829cfcca954cc5e84a6cc38 C2 domain: www.mingeloem[.]com - @Namecheap registered... @ShadowChasing1 @h2jazi -- malwrhunterteam
Group: hunters | Approx. Time: 20:44 18/03/24 | Title: HSI -- RansomwareNews
Group: hunters | Approx. Time: 20:44 18/03/24 | Title: AGL -- RansomwareNews
Group: bianlian | Approx. Time: 20:44 18/03/24 | Title: Dr. Leeman ENT -- RansomwareNews
ICYMI: @subat0mik, @_Mayyhem & @garrfoster announced the Misconfiguration Manager knowledge base last week. Check out @CSOonline to learn more about the resource that catalogs SCCM attacks and provides defensive strategies and hardening guidance. ghst.l -- specterops
😭😭😭 -- vxunderground
#0day #Karaf v4.4.3 Console - Remote #CodeExecution #Exploit 0day.today/exploit/descripti… -- inj3ct0r
#0day #WinterCMS 1.2.3 - Server-Side Template #Injection (#SSTI) (Authenticated) #Vulnerability 0day.today/exploit/descripti… -- inj3ct0r
#0day #vm2 - #SandboxEscape #Exploit 0day.today/exploit/descripti… -- inj3ct0r
#0day #LaborOfficeFree 19.10 - #MySQL #RootPassword Calculator #Exploit 0day.today/exploit/descripti… -- inj3ct0r
#0day #GibbonLMS < v26.0.00 - Authenticated Remote #CodeExecution #Exploit #RCE 0day.today/exploit/descripti… -- inj3ct0r
#0day #WEBIGniter v28.7.23 - Stored #XSS #Vulnerability 0day.today/exploit/descripti… -- inj3ct0r
#0day #ZoneMinder #Snapshots < 1.37.33 - Unauthenticated Remote #CodeExecution #Exploit 0day.today/exploit/descripti… -- inj3ct0r
#0day #WordPress File Upload Plugin < 4.23.3 - Stored #XSS #Vulnerability 0day.today/exploit/descripti… -- inj3ct0r
#0day #Nokia BMC Log Scanner - Remote #CodeExecution #Vulnerability #RCE 0day.today/exploit/descripti… -- inj3ct0r
"LB3_ReflectiveDll_DllMain.dll": c18aa6443ceebba48b182835ca02de209e4f62b546323add7a267c1838017fb8 -- malwrhunterteam
Another "GoogleChrome.apk": 1cb39ab82bffc0751d060003200daeab32a162ae0d448f7caa5505a2320d97c8 -- malwrhunterteam
Cyber — Le renseignement sur les cybermenaces ou CTI dlvr.it/T4G9PZ #OSINT #Medium -- osintbear
Group: playApprox. Time: 18:50 18/03/24Title: Schokinag -- RansomwareNews
Group: huntersApprox. Time: 16:50 18/03/24Title: Sun Holdings -- RansomwareNews
ICYMI: @subat0mik @_Mayyhem &@garrfoster announced the Misconfiguration Manager knowledge base last week. Check out @CSOonline to learn more about the resource that catalogs SCCM attacks and provides defensive strategies and hardening guidance. ghst.ly/3T -- specterops
Useful collection of notes to learn operating systems and Linux kernel internals linux-kernel-labs.github.io/… #Linux #operatingsystems -- 0xor0ne
Hunters International has also just posted Sun Holdings. Trend continues. @ValeryMarchive -- alvieriD
Classic @RoyalMail parcel delivery themed iOS iMessage phish quick investigation thread 🔎🧵 Sender: alycestroman5hkt[@]gmail[.]com URL: hxxps://gb-ryzutt[.]top/postl1/n -- bushidotoken
My previous blog walking through this topic if you want to have a go yourself: blog.bushidotoken.net/2023/0… -- bushidotoken
Real IP on AS132203 / Tencent is displayed: virustotal.com/gui/ip-addres… via @virustotal Cluster of other similar domains found too, hunt for w/ Regex: gb-[a-z]{6}\.top cc @ET_Labs -- bushidotoken
First scan, redirects to RoyalMail.com urlscan.io/result/cbd12d26-7… Second scan w/ iOS User-Agent & 🇬🇧 IP, we can see it: urlscan.io/result/1d0c6973-5… via @urlscanio 2/n -- bushidotoken
One of the "essential" windows auditing tools, add my other favorites like rpcview, process hacker, sysinternals, ghidra, wireshark xpe viewer, windbg, imhex and visual studio. Get James Forshaw's NtObjectManager thing too, seems useful for parsing MIDL l -- hackerfantastic
"GoogleChrome.apk": 424f6a5ccdd9c614836807fab46c2a4cf1eeab7bdbdd2636b20204c585b9bdac -- malwrhunterteam
SIGNINT: Navigating the Waves of Signal Intelligence dlvr.it/T4G13x #OSINT #Medium -- osintbear
memfd_create() for fileless ELF execution by @MagisterQuis magisterquis.github.io/2018/… #Linux #cybersecurity -- 0xor0ne
Do you want to #geolocate wireless connections from the command line? GeoWiFi allows you to search WiFi #geolocation data on different public databases and export results in JSON and map format. github.com/GONZOsint/geowifi… @GONZOs_int #OSINT #wifi #intellig -- DailyOsint
#securitywithoutborders - @Kaspersky supports INTERPOL-coordinated action to disrupt #Grandoreiro malware operation - kas.pr/op3w -- e_kaspersky
How is it even possible to hack Wi-Fi using PMKID interception? kas.pr/mp1i -- e_kaspersky
A Catalonian must-do! #businesstravel #travel kas.pr/2z6n -- e_kaspersky
Cactus #ransomware group has added Grupa Topex (grupatopex.com) to their victim list. #Poland #cactus #databreach #cyberattack #darkweb -- FalconFeedsio
MSSPs are rapidly adopting new artificial intelligence tech. AI enables them to scale operations. Cover higher alert volumes. Deliver high-quality services. Speed up MTTR. And more. Read our blog here on why MSSPs are using AI for security operations: intez -- IntezerLabs
Learn about how Microsoft applies data science to identify malicious anomalies & build detections for potential threats in this Microsoft Threat Intelligence Podcast episode with Anna Bertiger, Emily Yale, and podcast host @sherrod_im: msft.it/6013cmD3X -- MsftSecIntel
PearlCTF 2024 dlvr.it/T4FZTV #OSINT #Medium -- osintbear
Personality Profile: Cai Qi (蔡奇) dlvr.it/T4FW1q #OSINT #Medium -- osintbear
Did you know? Since 2014, #AgentTesla has been silently stealing passwords and spying on unsuspecting victims. Its creators lure users in with false promises 🙄 Don't fall victim to this insidious #malware, learn more via the link below ↘️ any.run/malware-tr -- anyrun_app
btw @thor_scanner reports decryptable passwords in these XMLs as "Warning" when it scans them more info on the passwords in group policy preferences adsecurity.org/?p=2288 -- cyb3rops
from a recent IR report "It was discovered that the password of the domain administrator [..] had been stored in a Group Policy Object in decryptable text form since 2014." -- cyb3rops
No Easy Fix For Untangling Web of Critical Dependencies decipher.sc/no-easy-fix-for-… #decipher #deciphersec -- DecipherSec
Cactus #ransomware group has added eClinical Solutions (eclinicalsol.com) to their victim list. #USA #cactus #databreach #cyberattack #darkweb #cti -- FalconFeedsio
RCE 0day exploits in modern day game engines? No shit. ;-) -- hackerfantastic
🤡 -- malwrhunterteam
Group: cactus | Approx. Time: 13:45 18/03/24 | Title: grupatopex.com\$66.5M\Poland\638GB\<1% -- RansomwareNews
Group: cactus | Approx. Time: 12:48 18/03/24 | Title: eclinicalsol.com\$24.5M\USA\3TB\<1% -- RansomwareNews
GO Keylogger 62b5315d7502b1c54b0fd98d8f0bd3b6 #GOKeylogger #Keylogger #IOC -- suyog41
Interesting TTP Russian state-sponsored adversaries attempted recently against crowdfunded media orgs: They "enter stolen credit card information into its payment system, hoping to compromise it and force banks to cease working with the organization." there -- bushidotoken
NoName claims to have targeted multiple websites in Greece. - Center for European Constitutional Law - Thessaloniki Metro Greece - HELLENIC CIVIL AVIATION AUTHORITY - Minoan Lines - Port of Thessaloniki - Ministry of Infrastructure and Transport #Greece #ddos # -- FalconFeedsio
STORMOUS group has added PagineSì! (paginesi.it) to their victim list. #Italy #stormous #databreach #cyberattack #darkweb #cti -- FalconFeedsio
Russian Cyber Army claims to have targeted the website of Pension Fund of Ukraine. #Ukraine #ddos #cyberattack #cti #threatintel -- FalconFeedsio
Incident Response Tip ⚡ SysmonForLinux is an open-source tool that brings Sysmon's power to Linux systems. It logs activity, processes, and network connections resiliently, even through reboots and offers advanced filtering to spot malicious activities. githu -- IntezerLabs
You can thank @NicoleFishi19 for that tip! Follow her to keep up on her latest security research and technical how-to blog posts -- IntezerLabs
#cobaltstrike virustotal.com/gui/file/61f4… -- petrovic082
In their latest article Palo Alto's Amanda Tanner, Anthony Galiette & Jerome Tujague look into the newly released BunnyLoader, as well as historically observed BunnyLoader infrastructure and an overview of its capabilities. unit42.paloaltonetworks.com/… -- virusbtn
Security researcher @RussianPanda9xx analyses the GlorySprout stealer and concludes that the individual behind it cloned the code of the Taurus Stealer project and modified it according to their specific needs & requirements. russianpanda.com/2024/03/16/… -- virusbtn
Netskope's Jan Michael Alcantara analyses an Azorult information stealer campaign delivered through HTML smuggling. netskope.com/jp/blog/from-de… -- virusbtn
North Korean Hackers Return to Tornado Cash Despite Sanctions | elliptic.co/blog/north-korea… @elliptic -- 780thC
Rob Joyce, the agency’s outgoing cybersecurity director, said on Friday that the U.S. is still finding victims of the Volt Typhoon hacking collective that’s been latching onto critical infrastructure | nextgov.com/cybersecurity/20… @NextgovFCW -- 780thC
X-Force observed ITG05 using the “search-ms” URI handler leading victims to download malware hosted on actor-controlled WebDAV servers. ITG05 is a Russian state-sponsored group consisting of multiple activity clusters and shares overlap with APT28 | secur -- 780thC
OT Hunt: Finding ICS/OT with Censys dlvr.it/T4Dk8G #OSINT #Medium -- osintbear
Linux debugging, profiling and tracing training Course by @bootlincom Slides: bootlin.com/doc/training/deb… Lab exercises: bootlin.com/doc/training/deb… Lab material (.tar.xz): bootlin.com/doc/training/deb… #Linux -- 0xor0ne
Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks | Trend Micro research identifies the campaign’s multiple connections with a China-nexus threat actor we track as Earth Lusca. trendmicro.com/en_us/researc… @TrendMicro -- 780thC
Today on our blog, we have expert insights from @RussianPanda9xx 😱🔥 In this research, she provides an in-depth technical analysis of the #AsukaStealer malware, including its C2 communication, and compares it to #ObserverStealer. Check it out! 🐼 any.run/cy -- anyrun_app
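#Oceanlotus github.com/blackorbird/APT_R… -- blackorbird
What's more, even if you are not in a leading position yourself, just having learned this as a member can help you find the knack of behaving as a good team member, so there is no harm in learning it early. At times, you also become able to use your own ability to turn around the harm that leaders or managers who have not learned it cause, not only to yourself but to the team and the organization -- 58_158_177_102
In these fields there are more things that you cannot do well by intuition and experience alone, so people often fail by trying them in practice on the job without preparation (I did too); learning from external training or books before that happens is highly effective. There are many books by predecessors out there, and it is often pointed out which books you should at least read in a given field -- 58_158_177_102
These fields are of course deep and a quagmire if you pursue them, but I think that just learning their basic theory gives good pointers for improving yourself and the world around you and broadens your view, and I feel it also has a useful effect on exploring the technical side you are inherently interested in -- 58_158_177_102
I think it's a shame: if engineers who pursue technology put just a little of the interest they have in technology into learning even the basics of management, team building, project management and business structure, the world they see would change greatly -- 58_158_177_102
8BASE #ransomware group has added RSHP (rshp.com) to their victim list. #UK #8base #databreach #cyberattack #darkweb #cti -- FalconFeedsio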
Exercise 001 — Declassified Secrets dlvr.it/T4DPGh #OSINT #Medium -- osintbear
#Encoder .H app.any.run/tasks/d0ac3118-0… -- petrovic082
Trap Stealer e4f61a7237508a71efed50b0a4b0df7d - Now rewritten in GO - old version (python) https://github[.]com/TheCuteOwl/Trap-Stealer - Upload stolen data to gofile[.]io #TrapStealer #GOStealer #Stealer #IOC -- suyog41
Tuga Ransomware 9b8ecdecbe7ac4bbf4568817f6f1fc39 Extension : .KILL #TugaRansomware #Ransomware #IOC -- suyog41
Top 10 last week's threats by uploads 💻 ⬇️ #Phishing 1116 (1624) ⬆️ #Agenttesla 173 (164) ⬇️ #Asyncrat 91 (107) ⬇️ #Remcos 81 (135) ⬆️ #Risepro 58 (41) ⬆️ #Hijackloader 53 (15) ⬇️ #Njrat 51 (67) ⬆️ #Redline 42 (41) ⬇️ #Xworm 32 (73) ⬇️ #Formbook 31 (40) Track them a -- anyrun_app
LockBit #ransomware group has added Crinetics Pharmaceuticals (crinetics.com) to their victim list. #USA #lockbit #darkweb #databreach #cyberattack -- FalconFeedsio
It appears Apex Legends RCE is real. We do not know the technicalities behind it, but based on the response by the Apex Legends Esports organization, and the messages appearing in game, it looks legit. Very cool -- vxunderground
NASDAQ listed Crinetics Pharmaceuticals is being extorted by LockBit “Those responsible for the exfiltration of data belonging to this victim have no association…with the LockBit Group.” -- alvieriD
Group: 8base | Approx. Time: 02:51 18/03/24 | Title: RSHP -- RansomwareNews
Group: lockbit3 | Approx. Time: 01:02 18/03/24 | Title: crinetics.com -- RansomwareNews
Rumors of Apex Legends RCE. We have no idea if it's true. Gamers tend to sensationalize things because they're literally gamers. tl;dr big if true -- vxunderground
ICYMI: The #FOR589 Course Syllabus is here sans.org/cyber-security-cour… -- bushidotoken
Personal Announcement: Our team just handed in our #FOR589 Cybercrime Intelligence course to SANS. It’s been one hell of a journey. I joined the team as co-author in August 2022. We’ve been working on it most weekends and many evenings since. Very glad we -- bushidotoken
Interesting short reading on (position independent) malware implants. Credits @C5pider 5pider.net/blog/2024/01/27/m… #redteam #infosec #cybsersecurity -- 0xor0ne
When a company hires for a specialist position and fails to do what even a little research would reveal, that is negligence on the organization's part, and when critical infrastructure does it, you start to wonder whether the services that organization runs are themselves OK -- 58_158_177_102
Group: stormous | Approx. Time: 21:45 17/03/24 | Title: paginesi.it -- RansomwareNews
Large update to vx-underground tomorrow. Until that time comes please enjoy the rest of your weekend. Sunday is the day to relax. Unless you're in Australia, or something because it's already Monday there. If you're in Australia it's time to work, nerd. >: -- vxunderground
Today Twitter open sourced Grok – the Twitter AI thing people get access to when they have Twitter Premium+ Very cool github.com/xai-org/grok-1 -- vxunderground
SHA256 content hash for Meduza Stealer C2 Panels (175 found) urlscan.io/search/#hash%3A06… -- bushidotoken
it was even more extreme: we overburned them -- cyb3rops
OSINT Exercise #025 dlvr.it/T4CJ3v #OSINT #Medium -- osintbear
Adversaries are leveraging document publishing sites to host convincing lure documents or convincing fake login pages -- talossecurity
Here's what you need to know from this week's #PatchTuesday -- talossecurity
It should be noted before anyone hits us with an "aktschually" - the data was stolen in 2021. It was leaked online today. -- vxunderground
Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached. No information is available to indicate whether it is a 3rd party compromise, or which 'division' this data is from. Regardless, upon review we can confirm the stolen -- vxunderground
AT&T denied it was from them at the time… 9to5mac.com/2021/08/20/claim… -- bushidotoken
Russian Cyber Army Team claims to have targeted the website of Crimea Platform, Ukraine. #ukraine #ddos #cyberattack #cti #threatintel -- FalconFeedsio
Anonymous Sudan claims to have targeted Mauritel, principal telecommunications company in Mauritania. #Cyberattack #Threatintel #Mauritania -- FalconFeedsio
NoName claims to have targeted multiple websites in Romania. - Alpha Bank Romania S.A - Banca Comerciala Română - Aedificium Banca pentru Locuinte - Banca Naţională a României #Romania #ddos #cyberattack #cti #threatintel -- FalconFeedsio
MEDUSA #ransomware group has added 2 new victims to their #darkweb portal. - Elior UK 🇬🇧 - AdSP Mar Tirreno Settentrionale 🇮🇹 #UK #Italy #medusa #cyberattack #databreach #darkweb -- FalconFeedsio
Midjourney remembers -- cyb3rops
You will get to work in a fantastic growing company with great benefits, such as a focus on development. We also get to work with awesome customers and do research! All skillsets are encouraged to apply. -- josh_penny
Still time to apply or have a chat about the role! Want to do YARA with @RustyNoob619? Want to Hunting/malware analysis with @Bloodshot_CTI? Want to do infrastructure hunting/research? Want to beat our @knappresearchlb at darts on social nights out? Got other -- josh_penny
#Synapse #Ransomware app.any.run/tasks/bca6f6a4-c… -- petrovic082
Trigona #ransomware group has added 3 new victims to their #darkweb portal. - Indoarsip 🇮🇩 - Bwizer Group 🇵🇹 - Topa Electrical 🇳🇿 #Indonesia #Portugal #NewZealand #trigona #cyberattack #cti #darkweb #databreach -- FalconFeedsio
Medusa Team has breached Autorità di Sistema Portuale del Mar Tirreno Settentrionale in Italy. The Port System Authority of the Northern Tyrrhenian Sea oversees 6 ports in Italy including port Livorno, Tuscany. -- alvieriD
BianLian #ransomware group has added Consolidated Benefits Resources (cbrcloud.com) to their victim list. #USA #bianlian #darkweb #databreach #cyberattack -- FalconFeedsio
Group: mallox | Approx. Time: 02:06 17/03/24 | Title: Rafum Group -- RansomwareNews
Stuffing up the WINDIR env. var. with THE SPACE hexacorn.com/blog/2024/03/16… -- Hexacorn
Shaking... -- 58_158_177_102
Lolbin Wow Ltd x 2 hexacorn.com/blog/2024/03/16… #LOLBIN -- Hexacorn
"Adobe Genp 4.0.dmg": aaa44571ba1e81142ff2d0414ef6e21160935e7f958a9588a476963a529d3f7e "Adobe Genp 4.0": 93f33e76c57240dda2b80b0270ad867a4c77ee7ad4ac135d086398e789e4dbc9 -- malwrhunterteam
68b85056e7052a5936a63b08b1667a7f0d6c94670beff45557ee63cc9a31b365 😂 -- malwrhunterteam
Group: trigona | Approx. Time: 18:46 16/03/24 | Title: indoarsip.co.id/ -- RansomwareNews
Group: trigona | Approx. Time: 18:46 16/03/24 | Title: bwizer.com/pt/ -- RansomwareNews
Android (strings) obfuscation reverse engineering Credits Jeroen Beckers (@Dauntless, @NVISO_Labs) blog.nviso.eu/2024/01/15/deo… #android #infosec -- 0xor0ne
Group: trigona | Approx. Time: 17:46 16/03/24 | Title: topa.co.nz/ -- RansomwareNews
LockBit #ransomware group has added 9 new victims to their #darkweb portal. - HDS Trading Corporation 🇺🇸 - Dutton Brock LLP 🇨🇦 - Cole Fabrics Plc 🇬🇧 - Agricultural Bank of Namibia 🇳🇦 - Triella 🇨🇦 - R. Robertson Insurance Brokers 🇨🇦 - Bergmeister GmbH 🇩🇪 - Newman & Co 🇬🇧 - -- FalconFeedsio
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: hdstrading.com -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: duttonbrock.com -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: colefabrics.com -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: bergmeister.eu -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: automotionshade.com -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: agribank.com.na -- RansomwareNews
Group: bianlian | Approx. Time: 15:44 16/03/24 | Title: Consolidated Benefits Resources -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: triella.com -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: rrib.com -- RansomwareNews
Group: lockbit3 | Approx. Time: 14:43 16/03/24 | Title: newmans-online.co.uk -- RansomwareNews
Clop Ransomware has done it again. Clop is the first ransomware group to ransom a bus company. Please try and explain to me how this is the same group from last year that was breaching every major company in the world and now relegated to these posts. -- alvieriD
The LockBit shadow hacking group is cluster posting 9 new victims (so far) this morning including allegedly breaching Toronto IT & cyber firm Triella. -- alvieriD
HUNTERS INTERNATIONAL #ransomware group has added Miki Travel (miki.co.uk) to their victim list. #UK #huntersinternational #cyberattack #cti #darkweb #databreach -- FalconFeedsio
With the recent outages affecting #Meta and #ATT, everyone was quick to claim it was a cyber attack. But what if the most obvious answer is the correct one? -- talossecurity
NoName continues to target Romania. - The Romanian National Cyber Security Directorate - Authorization of Alpha Bank Romania - Banca Comerciala Română (BCR) #Romania #ddos #cyberattack #cti #threatintel -- FalconFeedsio
INC RANSOM #ransomware has added Aculabs (aculabs.com) to their victim list. #USA #incransom #darkweb #databreach #cyberattack #cti -- FalconFeedsio
🤔 Did you know that the data that feeds our machine learning systems can be 🏴‍☠️ 'poisoned'? Find out how this silent threat can alter our digital decisions. mkt.2beonline.net/owasp2 #IA #Ciberseguridad #infosec #OWASP -- CAlapsi
2024/03/19 10:24 #三井住友カード #フィッシングメール #Phishing ◆Subject: [Important] Important security update from Sumitomo Mitsui Card ◆Link: smbc-card.dpsokxq[.]cn ◆IP: 47.74.27[.]143 #Alibaba -- catnap707
Update: The Hunters International group dumps Cosmocolor's data. 🚨 Approx. 117,000 files, totaling 114GB. #ransomware #Mexico -- chum1ng0
Did you know that deepfake technology can convincingly replicate your voice and mannerisms? Stay aware, stay skeptical, and verify before you trust! #DeepfakeDiscovery #CyberSecurity #StayInformed #I4C #MHA #Cyberdost #Cybercrime #Cybersecurity #Stayalert -- Cyberdost
In short, #phishing is an attack targeted at stealing information, whether personal or commercial. #Phishing is performed for a variety of reasons; to profit off the theft of banking details, the delivery of #malware or #ransomware, and #espionage both go -- CyberGuyRO
New BianLian onion URL is live. bianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd[.]onion #BianLian #Ransomware #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI -- DarkWebInformer
👀 Guys please be safe out there! Take your time! For the first time since I entered #web3 in March of 2021, I just got hacked with a phishing bot. Luckily they only got $1,300 in @pepe I connected my wallet to malicious site. be careful frens. #phishing # -- davidbianchi
North Korea-Linked Group Levels Multistage Cyberattack on South Korea. #cti #threatintel #threathunting #attack darkreading.com/vulnerabilit… -- Dohko_CTI
🚨 Major Threat Alert: Security Advisory: Remote Command Execution in Cisco Access Point WAP Products - #CVE-2024-20335 CVE-2024-20335 CVE-2024-20336 Chatter: 🔴 High Maturity: 🧨 Trending hubs.li/Q02pW9dt0 #CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
Chief information Security Officers and cyber whistleblowing: considerations for boards and breach response teams  JD Supra dlvr.it/T4GjQQ #CyberSecurity #InfoSec #SecurityInsights -- iSecurity
Beware Of Free wedding Invite WhatsApp Scam That Steal Sensitive Data  GBHackers dlvr.it/T4Gj8j #SecurityInsights #CyberSecurity #InfoSec -- iSecurity
Science, Technology and Innovation in health for the next twenty years #CTI #MedicinaPersonalizada #SaludMental #investigacion #educacion onlinelibrary.wiley.com/doi/… @MinSaludCol @IETSColombia @INSColombia @ANM_Colombia -- JuanMAnayaC
#Phishing #mercari IP: 210.56.49.188 (AS 64050 / BGPNET Global ASN) hxxps://www.fhvsnym.cn hxxps://www.fioawit.cn hxxps://www.fjmurjy.cn hxxps://www.frqpodv.cn hxxps://www.gqabnbb.cn hxxps://www.gyfkwoq.cn hxxps://www.mydncdt.cn hxxps://www.npurcso.cn hxxps://www.o -- KesaGataMe0
#Phishing #MUFG #三菱UFJ銀行 IP: 91.215.85.178 (AS 200593 / Prospero Ooo) hxxps://dash.mufj-28dd1a5047fd56a220c675e86def033a.is/ -- KesaGataMe0
#Phishing #AEONCARD IP: 192.253.227.43 (AS 64050 / BGPNET Global ASN) hxxps://www.ccpictures.com hxxps://www.cinerockom.com hxxps://www.janebadams.com hxxps://www.kingofspas.com hxxps://www.kurdem.com hxxps://www.likfenix.com hxxps://www.lmmproject.com hxxps://www -- KesaGataMe0
Possible #phishing Website Found #infosec #cybersecurity #フィッシング詐欺 URL: hxxps://dash[.]mufj-28dd1a5047fd56a220c675e86def033a[.]is/ IP: 91.215.85.178 Brand: #MUFG Bank VT: virustotal.com/gui/url/2de50… -- noladefense
To bypass 403 restrictions1. Use patterns like in the URL path/*/%2f//.///*/2. Adding Headers in request with value 127.0.0.1X-Custom-IP-AuthorizationX-Forwarded-ForX-Remote-IPForwarded-For X-Client-IP3. Switch from GET to POST (or other methods) #CyberS -- PurbiaLaxita
CISA: Adobe Releases Security Updates for Multiple Products - redpacketsecurity.com/cisa-a… #CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Apple Released Security Updates for Multiple Products - redpacketsecurity.com/cisa-a… #CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Cisco Releases Security Updates for Secure Client - redpacketsecurity.com/cisa-c… #CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Microsoft Releases Security Updates for Multiple Products - redpacketsecurity.com/cisa-m… #CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: CISA Publishes SCuBA Hybrid Identity Solutions Guidance - redpacketsecurity.com/cisa-c… #CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Fortinet Releases Security Updates for Multiple Products - redpacketsecurity.com/cisa-f… #CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
US-CERT Vulnerability Summary for the Week of March 11, 2024 - redpacketsecurity.com/cisa-v… #USCERT #OSINT #ThreatIntel -- RedPacketSec
An in-depth discussion on maximizing threat intelligence in order to mitigate #ransomware risk. stuf.in/bdkx98 -- RNITSOL
#CTI Great Venezuela -- RojasMonagas
Do you manage security for your multicloud environment with a comprehensive platform or siloed security tools? Reply to discuss or ask the experts from accel bi corporation for more information about @Microsoft Security for Business. #cybersecur -- AccelBI
Microsoft Copilot for Security: General Availability details: ift.tt/jxdDEL3 by Microsoft Security Blog #infosec #cybersecurity #technology #news -- Alevskey
#Gratuito (free) webinar: "#Sysinternals". Thursday, March 21, 2024. From 5:00pm to 5:45pm (UTC -05:00). #cybersecurity #hacking #readteam #bugbounty #forensics #osint Free registration at: reydes.com/d/?q=eventos -- Alonso_ReYDeS
bleepingcomputer.com/news/se… #CyberSecurity #Attacks #CSCIS -- CIDC_Ops
New Report Finds 81% of Defense SMBs Have Begun CMMC Compliance, Yet Struggle to Reach Certification ow.ly/CpfH50QVFQb #CyberSecurity #Technology -- Cybersecinsider
Ransomware is the biggest #cybersecurity threat enterprises face today 🔓 We look at how #Huawei can help you overcome 3 major challenges to stop attacks in their tracks & keep your data safe 🔒 ⬇️ #HuaweiBlog #OceanStorDorado #HuaweiStorage #InnovateForImpac -- Huawei
Unsecure passwords are still a major source of data breaches. It may be time to invest in a business password manager to improve cybersecurity. Here are several to choose from. #Cybersecurity #BusinessPasswordManagers pcmag.com/picks/the-best-pas… -- SquareAlpha
Compilers, linkers, JITs and assemblers Internals (focus on software security hardening) Low-Level Software Security for Compiler Developers: llsoftsec.github.io/llsoftse… #compilers #cybersecurity -- 0xor0ne
[FREE ACCESS ARTICLE] Shhhloader - SysWhispers Shellcode Loader hakin9.org/shhhloader-syswhi… #infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource -- Hakin9
Hackers Claim Accessing 740GB of Data from Viber Messaging App  HackRead dlvr.it/T4BTYz #SecurityInsights #CyberSecurity #InfoSec -- iSecurity
McDonald’s denies cyber attack as stores go down globally  The New Daily dlvr.it/T4BT9d #SecurityInsights #CyberSecurity #InfoSec -- iSecurity
New cheatsheets pushed 🕵️‍♂️ github.com/r1cksec/cheatshee… Including: An interesting blog post on how attackers use QEMU to create a tunnel between two networks 🖥️ securelist.com/network-tunne… #infosec #cybersecurity #windows #redteam #pentest #qemu #pivot #tun -- r1cksec
BianLian Ransomware Victim: Consolidated Benefits Resources - redpacketsecurity.com/bianli… #BianLian, #darkweb, #databreach, #ransomware, #threatintel, #tor -- RedPacketSec
#IMF probes #cybersecurity incident, says no top managers affected | Reuters reuters.com/technology/cyber… -- SophTac
This is how "Windows Installation Files" can be weaponized into #malware that bypasses #Windows Defender in the latest Windows 11 distribution. #infosec #malwaredevelopment #zoom -- _kavigihan
Important contribution to capacity building at @CubaMES for #CTI, building the future that #FidelViveEntreNosotros showed us @AuroraFdez19 @nataliauci16 @mibalbin @ondinaleon @AlbertoTurro1 -- AllanPierra
Cyber safety #tipoftheweek: Be sure to lock your Facebook profile. By locking your profile you can keep your posts/profile picture private. #BiharPolice #cyberawareness #cybersecurity #Dial1930 #Bihar -- bihar_police
Third-Party ChatGPT Plugins Could Lead to Account Takeovers thehackernews.com/2024/03/th… #bugbounty #bugbountytips #bugbountytip #hackerone #bugcrowd #infosec #cybersecurity #pentesting #redteam #informationsecurity -- bountywriteups
Stand against the digital menace - Say no to cyberbullying! #I4C #MHA #Cyberdost #Cybercrime #Cybersecurity #Stayalert #News #Awareness -- Cyberdost
Is The Public Cloud "Possibly" Now More Secure and Resilience Than On- #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #cloudsecurity #malware #ransomware #cyber #threathunting #ZeroTrust #CISA -- Dsecuredsourcee
Allegedly, #Trigona has named multiple victims. Threat Actor: Trigona Ransomware Victim: 2 Victims Date: 2024-03-16 #Ransomware #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI -- Ethical_hack1
🚨 Major Threat Alert: ShadowSyndicate Ransomware Gang Targets aiohttp CVE-2024-23334 Flaw: Patch Now! - #ShadowSyndicate CVE-2024-23334 Chatter: 🔴 High Maturity: 🧨 Trending hubs.li/Q02pHcb10 #CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
🚨 Major Threat Alert: CVE-2024-27307: Critical Flaw in Popular JSONata Library Could Lead to Code Execution - #CVE-2024-27 CVE-2024-27307 Chatter: 🔴 High Maturity: 💢 Emerging hubs.li/Q02pHb8w0 #CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
🚨 Major Threat Alert: CVE-2024-23944: Critical Apache ZooKeeper Flaw Exposes Sensitive Data, Patch Immediately - #CVE-2024 CVE-2024-23944 Chatter: ⚠️ Critical Maturity: 💢 Emerging hubs.li/Q02pH6Z70 #CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
Thanks to #informationsecurity #certification #framework ISO / IEC 27000, you can implement an information security program from a physical, technical and organizational point of view. ➡ is.gd/InformationSecurity_ #CyberSecurity #dataeconomy #اقتصادالبيانا -- GeeksAcademyEu
Social media mistakes making Aussies ‘fish in a barrel’ for hackers  Daily Telegraph dlvr.it/T4BHvb #CyberSecurity #InfoSec #SecurityInsights -- iSecurity
🚨 #MásSeguridad Thanks to joint work between the Government of #Cundinamarca, @PoliciaCmarca, #REMSA, @COL_EJERCITO, @FiscaliaCol and the #CTI, 176 kilos of marijuana were seized last night in the municipality of #AguaDeDios, which -- JorgeEmilioRey
Hackers Exploit Aiohttp Bug To Find Vulnerable Networks - redpacketsecurity.com/hacker… #OSINT #ThreatIntel #CyberSecurity -- RedPacketSec
CovenantC2 Detected - 5[.]206[.]224[.]58:7443 - redpacketsecurity.com/covena… #CovenantC2 #OSINT #ThreatIntel -- RedPacketSec
Unveil the secrets of malware analysis with Shrutirupa Banerjiee! Join our LIVE webinar on "Introduction to Malware Analysis". Use code "SECURZY24" for a discount on Securzy Pro annual subscription. Register now: learn.securzy.io/webinar/int… #CyberSecuri -- SecurzyHQ