+84949482065
Mortar Loader is able to bypass modern anti-virus products and advanced XDR solutions and it has been tested and confirmed bypass for the following: — Kaspersky — ESET — Malewarebytes…
Solar appScreener tested a mobile app and detected vulnerabilities that were absent from the source code provided by developers. To avoid sanctions, the developers submitted an abridged and obfuscated code…
Thousands of sites down ! Why the hell did they move cloud if this is to reproduce the same mistakes as on premise ! Cloud allows to have many availability…
Proposed legislation in the UK would establish mandatory security standards for Internet of Things (IoT) devices. The Product Security and Telecommunications Infrastructure Bill would apply to IoT manufacturers, importers, and…
The FBI has issued a Flash Alert warning of an actively exploited 0-day in FatPipe WARP, MPVPN, and IPVPN Software. An unknown threat actor has been exploiting the flaw in…
An audit of government IT operations in Palo Alto, Calif., found a lack of risk management and incident response policies, issues that local leaders voted to remedy. Other challenges found…
Mozilla has released security updates to address a vulnerability in Network Security Services (NSS). An attacker could exploit this vulnerability to take control of an affected system. Ref https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
CVE-2021-44077 is an unauthenticated remote code execution vulnerability that affects all ServiceDesk Plus versions up to, and including, version 11305. More https://us-cert.cisa.gov/ncas/alerts/aa21-336a
We already have 18,124 CVEs as of December 1, 2021. More detail https://www.cvedetails.com/browse-by-date.php
In the wazuh-slack active response script in Wazuh before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. Ref https://github.com/wazuh/wazuh/issues/10858
