Lucene search
+L

191 matches found

Schneier on Security
Schneier on Security
added 2025/05/28 11:9 a.m.11 views

Location Tracking App for Foreigners in Moscow

Russia is proposing a rule that all foreigners in Moscow install a tracking app on their phones. Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: Residence location Fingerprint Face photograph...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:59 a.m.7 views

CVE-2023-51650

Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue...

7.5CVSS6.8AI score0.00865EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/05/23 12:0 a.m.7 views

AI/ML for 5G and beyond Cybersecurity

The advancements in communication technology 5G and beyond and global connectivity Internet of Things IoT also come with new security problems that will need to be addressed in the next few years. The threats and vulnerabilities introduced by AI/ML based 5G and beyond IoT systems need to be...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2025/04/08 12:30 p.m.31 views

Telegram-Story-Scraper - A Python Script That Allows You To Automatically Scrape And Download Stories From Your Telegram Friends

A Python script that allows you to automatically scrape and download stories from your Telegram friends using the Telethon library. The script continuously monitors and saves both photos and videos from stories, along with their metadata. Important Note About Story Access ⚠️ Due to Telegram API...

7.1AI score
Exploits0References1
Akamai Blog
Akamai Blog
added 2025/03/27 7:0 p.m.16 views

Enhancing Public Sector Cybersecurity with Akamai API Security

Learn how Akamai's API security solution helps federal agencies identify, protect, and monitor API traffic in real time...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-22497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It...

9.1CVSS7.3AI score0.0068EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 2:25 a.m.10 views

CVE-2024-42361

Hertzbeat is an open source, real-time monitoring system. Hertzbeat 1.6.0 and earlier declares a /api/monitor/monitorId/metric/metricFull endpoint to download job metrics. In the process, it executes a SQL query with user-controlled data, allowing for SQL injection...

9.8CVSS9.6AI score0.0108EPSS
Exploits1References1
CVE
CVE
added 2024/12/13 4:4 p.m.95 views

CVE-2024-55661

CVE-2024-55661 affects Laravel Pulse prior to 1.3.1. The vulnerability is triggered via the remember(callable $query, string $key = '') method in Laravel\Pulse\Livewire\Concerns\RemembersQueries, which allows an authenticated dashboard user to invoke arbitrary callables (functions or static metho...

8.8CVSS7.7AI score0.29468EPSS
Exploits3References2Affected Software1
Wallarm Lab
Wallarm Lab
added 2024/11/12 7:9 p.m.7 views

Context is King: Using API Sessions for Security Context

There’s no doubt that API security is a hot topic these days. The continued growth in API-related breaches and increase in publicized API vulnerabilities has pushed API security to the top of CISO’s lists. The tools in the market for API security still have room for improvement, of course. One of...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2024/09/26 6:0 p.m.16 views

Are hardware supply chain attacks “cyber attacks?”

The recent attacks in the Middle East triggering explosions on pagers has raised new fears around physical hardware supply chain attacks. In cybersecurity, we typically consider supply chain attacks to target software, in which adversaries infect a legitimate tool with a malicious, fake update th...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/09/24 2:58 p.m.20 views

Rapid7 Recognized in Forrester’s 2024 Attack Surface Management (ASM) Wave Report

This week, Rapid7 was recognized as a Contender in Forrester’s report, The Forrester WaveTM: Attack Surface Management ASM Solutions Q3 2024. We’re proud to have been selected for inclusion in the report, which to us reflects a continued dedication to enabling customers to: Monitor 100% of their...

7.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/09/17 12:0 a.m.9 views

The vulnerability of FactoryTalk Batch View’s software for real-time control and monitoring processes is related to deficiencies in authentication procedures, allowing attackers to circumvent existing security restrictions.

The vulnerability of FactoryTalk Batch View’s software for managing and monitoring manufacturing processes in real-time is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow attackers to circumvent existing security restrictions remotely...

8.1CVSS5.4AI score0.00544EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2024/08/20 8:56 p.m.88 views

CVE-2024-42362

CVE-2024-42362 affects Hertzbeat, an open-source real-time monitoring system. It describes an authenticated (user role) remote-code-execution vulnerability via unsafe deserialization in /api/monitors/import. The issue is classified with a high impact (CVSS v3.1: 8.8) affecting confidentiality, in...

8.8CVSS8.6AI score0.0133EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2024/08/20 8:56 p.m.23 views

CVE-2024-42362 GHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import

Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated user role RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0...

8.8CVSS6.9AI score0.0133EPSS
Exploits1References8
Rapid7 Blog
Rapid7 Blog
added 2024/07/25 7:54 p.m.12 views

From Top Dogs to Unified Pack

Embracing a consolidated security ecosystem Cybersecurity is as unpredictable as it is rewarding. Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber team may find yourselves...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/03 11:0 a.m.43 views

The Emerging Role of AI in Open-Source Intelligence

Recently the Office of the Director of National Intelligence ODNI unveiled a new strategy for open-source intelligence OSINT and referred to OSINT as the "INT of first resort". Public and private sector organizations are realizing the value that the discipline can provide but are also finding tha...

6.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/06/25 1:30 p.m.17 views

From Top Dogs to Unified Pack

Embracing a consolidated security ecosystem Authored by Ralph Wascow Cybersecurity is as unpredictable as it is rewarding. Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2024/05/01 12:30 p.m.51 views

OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer

Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to enhance security by identifying and detecting various types of cyber attacks within your server logs. Stay ahead of potential threats with features that include: Features 1. Attac...

7AI score
Exploits0References1
The Hacker News
The Hacker News
added 2024/04/12 11:13 a.m.28 views

Code Keepers: Mastering Non-Human Identity Management

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database quer...

7.2AI score
Exploits0
NVD
NVD
added 2024/02/22 4:15 p.m.41 views

CVE-2023-51388

Hertzbeat is a real-time monitoring system. In CalculateAlarm.java, AviatorEvaluator is used to directly execute the expression function, and no security policy is configured, resulting in AviatorScript which can execute any static method by default script injection. Version 1.4.1 fixes this...

9.8CVSS9.8AI score0.01309EPSS
Exploits1References2
Rows per page
Query Builder