Lucene search
K

116 matches found

The Hacker News
The Hacker News
added 2023/06/30 11:31 a.m.3 views

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

In today's fast-paced digital landscape, the widespread adoption of AI Artificial Intelligence tools is transforming the way organizations operate. From chatbots to generative AI models, these SaaS-based applications offer numerous benefits, from enhanced productivity to improved decision-making...

6.5AI score
Exploits0
Huntr
Huntr
added 2023/05/11 3:19 p.m.11 views

Lack of security consideration leads to multiple critical weaknesses

Introduction This report serves more as a suggestion to improve security, rather than fixing any single "vulnerability". I've given examples to demonstrate the impact that neglecting security may have, but these are not the root cause of the issue. Due to the nature of a package, being able to...

8AI score
Exploits0References2
CISA
CISA
added 2023/01/11 12:0 a.m.8 views

NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services

The United Kingdom’s National Cyber Security Centre NCSC-UK has released a blog post, Using MSPs to administer your cloud services, that provides organizations security considerations for using a third party, such as a managed service provider MSP, to administer cloud services. Contracting with a...

0.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/01/06 12:0 a.m.39 views

EulerOS Virtualization 3.0.2.6 : binutils (EulerOS-SA-2023-1092)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reorderi...

8.3CVSS7.9AI score0.12205EPSS
Exploits5References3
CISA
CISA
added 2022/09/15 12:0 a.m.11 views

CISA and NSA Publish Open Radio Access Network Security Considerations

CISA and the National Security Agency NSA have published Open Radio Access Network Security Considerations. This product—generated by the Enduring Security Framework ESF Open Radio Access Network RAN Working Panel, a subgroup within the cross-sector working group—assessed the benefits and securit...

1.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2022/08/25 6:47 p.m.332 views

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw. Hikvision – short for Hangzhou Hikvision Digital Technology – is a Chinese state-owned manufacturer of video surveillance equipment. Their customers...

9.8CVSS10AI score0.99869EPSS
Exploits23References2
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/08/11 12:0 a.m.13 views

Cyber Insurance Coverage Checklist: 5 Security Items

Explore 5 security considerations in-line with cyber insurance requirements to renew or obtain a policy while reducing your cyber risk...

2.1AI score
Exploits0
Kitploit
Kitploit
added 2022/08/08 12:30 p.m.87 views

Smap - A Drop-In Replacement For Nmap Powered By Shodan.Io

Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes same command line arguments as Nmap and produces the same output which makes it a drop-in replacament for Nmap. Features Scans 200 hosts per second Doesn't require any account/api key Vulnerability detection...

7.6AI score
Exploits0References4
ICS
ICS
added 2022/07/21 12:0 a.m.67 views

AutomationDirect Stride Field I/O

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: Stride Field I/O Vulnerability: Cleartext Transmission of Sensitive Information. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

9.6CVSS7.9AI score0.00446EPSS
Exploits0References4
Code423n4
Code423n4
added 2022/06/14 12:0 a.m.17 views

Rounding Issues In Certain Functions

Lines of code Vulnerability details Background Per EIP 4626's Security Considerations Finally, ERC-4626 Vault implementers should be aware of the need for specific, opposing rounding directions across the different mutable and view methods, as it is considered most secure to favor the Vault itsel...

6.6AI score
Exploits0
Kitploit
Kitploit
added 2022/04/03 12:30 p.m.24 views

CobaltBus - Cobalt Strike External C2 Integration With Azure Servicebus, C2 Traffic Via Azure Servicebus

Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus Setup 1. Create an Azure Service Bus 2. Create a Shared access policy Connection string that can only Send and Listen 3. Edit the static connectionString variable in Beacon C projects to match the "Primar...

7.2AI score
Exploits0References2
Information Security Automation
Information Security Automation
added 2022/01/21 6:57 p.m.20 views

End of CentOS Linux. Where to migrate?

Hello everyone! As you probably know, CentOS Linux, the main Enterprise-level Linux server distribution, will soon disappear. It wasnt hard to predict when RedHat acquired CentOS in 2014, and now it is actually happening. End of life of CentOS Linux 8 was 31.12.2021. There wont be CentOS Linux as...

7.1AI score
Exploits0
HackRead
HackRead
added 2022/01/04 6:9 p.m.21 views

5 Things to Consider When Getting into Cryptocurrency

By Owais Sultan When it comes to cryptocurrency, you don’t have to just close your eyes and hope for the best. There are several ways you can put yourself in an advantageous position. This is a post from HackRead.com Read the original post: 5 Things to Consider When Getting into Cryptocurrency...

1.1AI score
Exploits0
Atlassian
Atlassian
added 2021/12/17 7:3 p.m.46 views

Upgrade Logback for CVE-2021-42550

h3. Issue Summary In the wake of Log4Shell, CVE-2021-42550 has been created for similar JNDI considerations in Logback. The Logback maintainers have removed some functionality from Logback in response and released Logback 1.2.9. Please note: There is no RCE in Logback, and there is no vulnerabili...

8.5CVSS1.8AI score0.04439EPSS
Exploits1
Microsoft Secure
Microsoft Secure
added 2021/11/23 7:0 p.m.23 views

Stay safe online this holiday shopping season with tips from Microsoft

You may have already noticed this holiday shopping season feels different than those we’ve had before. Headlines about supply chain issues, worker shortages, costs rising—all while the pandemic continues to impact our lives. In my own inbox, I saw emails from brands touting Black Friday sales as...

7.3AI score
Exploits0
OSV
OSV
added 2021/11/01 4:15 a.m.4 views

CVE-2021-42694

An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to...

8.3CVSS7.5AI score0.04485EPSS
Exploits1References10
OSV
OSV
added 2021/11/01 4:15 a.m.5 views

CVE-2021-42574

An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and...

8.3CVSS8.4AI score
Exploits0References18
OSV
OSV
added 2021/11/01 4:15 a.m.20 views

UBUNTU-CVE-2021-42574

An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and...

8.3CVSS6.8AI score0.12205EPSS
Exploits4References6
CVE
CVE
added 2021/11/01 12:0 a.m.766 views

CVE-2021-42574

CVE-2021-42574 describes a trojan-source style vulnerability in the Unicode Bidirectional Algorithm up to Unicode 14.0, allowing visual reordering of code tokens via BiDi control characters. Connected advisories confirm public attention across GCC/binutils/toolchains, with mitigations including u...

8.3CVSS8.4AI score0.12205EPSS
In wildExploits4References18Affected Software1
CISA
CISA
added 2021/09/23 12:0 a.m.12 views

CISA Releases Guidance: IPv6 Considerations for TIC 3.0

The federal government has prioritized the transition of federal networks to Internet Protocol version 6 IPv6 since the release of Office of Management and Budget OMB Memorandum 05-22 in 2005. In 2020, OMB renewed its focus on IPv6 through the publication of OMB Memorandum 21-07. That memorandum...

6.6AI score
Exploits0References4
Rows per page
Query Builder