Lucene search
K

30 matches found

Qualys Blog
Qualys Blog
added 2022/08/03 1:1 p.m.27 views

Introducing CyberSecurity Asset Management 2.0 with Natively Integrated External Attack Surface Management

Qualys is introducing Qualys CyberSecurity Asset Management 2.0, which now delivers natively integrated External Attack Surface Management EASM to enable Cybersecurity teams to identify any and all assets visible on the internet, including previously unknown assets and any potential security...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/27 10:26 a.m.25 views

What Are Shadow IDs, and How Are They Crucial in 2022?

Just before last Christmas, in a first-of-a-kind case, JPMorgan was fined $200M for employees using non-sanctioned applications for communicating about financial strategy. No mention of insider trading, naked shorting, or any malevolence. Just employees circumventing regulation using, well, Shado...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.6 views

The vulnerability in the implementation of the extractor.rdfa.XSLTStylesheet object of the XSLTStylesheet class in the Apache Any23 library allows attackers to perform XXE attacks.

The vulnerability of the extractor.rdfa.XSLTStylesheet object class in the XSLTStylesheet class of the Apache Any23 library is related to an incorrect restriction on XML references to external objects. Exploiting this vulnerability could allow a remote attacker to perform XXE attacks...

9.4CVSS7.8AI score0.02814EPSS
Exploits0References4Affected Software1
Qualys Blog
Qualys Blog
added 2021/12/20 7:31 p.m.23 views

Qualys Integrates with Shodan to Help Map the External Attack Surface

Qualys CyberSecurity Asset Management CSAM now natively integrates with Shodan to enable cybersecurity teams to identify all assets visible on the internet, including previously unknown and potential security issues… before attackers find them. Your attack surface is dynamic. Assets come and go,...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/20 1:0 p.m.84 views

A New Security Paradigm: External Attack Surface Management

Ran Nahmias, Co-founder and CBO, Cyberpion In the past, a web application or online service could be taken at face value by your customers and employees. It was created, developed, and secured by your organization, and every element of the IT infrastructure that supported that service was under...

7.6AI score
Exploits0References6
The Hacker News
The Hacker News
added 2019/12/03 9:28 a.m.70 views

Top 5 Cybersecurity and Cybercrime Predictions for 2020

We distilled 30 independent reports dedicated to cybersecurity and cybercrime predictions for 2020 and compiled the top 5 most interesting findings and projections in this post. Compliance fatigue will spread among security professionals Being a source of ongoing controversy and debate, the...

0.5AI score
Exploits0
Kitploit
Kitploit
added 2018/02/02 4:7 p.m.16 views

Evilgrade - Modular Framework To Take Advantage Of Poor Upgrade Implementations By Injecting Fake Updates

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it's own WebServer and DNSServer modules. Easy to set up new...

6.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2012/03/22 9:27 p.m.10 views

Anonymous Attacker Package by Maxpain

Anonymous Attacker Package by Maxpain "Maxpain" Hacker and Security Developer, Releases two tools in an Package called "Anonymous Attacker Package". First one is - Anonymous external attack, allows you to execute udp flood web attack, into websites, this tool was made as external of LOIC, the...

7AI score
Exploits0
myhack58
myhack58
added 2005/12/13 12:0 a.m.24 views

The latest hacking techniques: the XSS cross-site scripting attack detailed description-vulnerability warning-the black bar safety net

General description A simple description of what isXSSattack How to findXSSvulnerability ForXSSattack the General idea From internal attacks: How to find the internalXSSvulnerability How to construct attack How to use The junction of any instances of attacks, such as DVBBS&BBSXP From external...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2004/10/22 12:0 a.m.23 views

CAN-2004-0814: Linux terminal layer races

Linux 2.6.9 fixes a set of race conditions in the Linux terminal subsystem which are believed to go back to 2.2 kernels if not earlier. The race shows up problematically in two places. Firstly a user can cause crashes and other undefined behaviour by issuing a TIOCSETLD ioctl on a terminal...

0.4AI score0.00692EPSS
Exploits0
Rows per page
Query Builder