How to Prepare for a Cyberattack

Deciphering the Cyber Invasion Terrain We exist in an era deeply entrenched in digital dependence, where cyber invasions present significant risks for companies, government establishments, and solitary users. As we hurdle deeper into the digital era, the art of cyber misdemeanors continues to...

10er10 (=0.23.0), 10tcl (>=0.0.1 <=0.0.10) +11458 more potentially affected by CVE-2017-16119 via fresh (>=0.0.1 <=0.5.1)

fresh NPM version =0.0.1, =0.0.1, =1.0.1, =1.0.3, =1.0.2, =1.0.0, =0.2.0, =0.1.0, =0.0.1, =0.0.1, =0.0.5 - 4design =0.0.1 and more Source cves: CVE-2017-16119 Source advisory: OSV:GHSA-9QJ9-36JM-PRPV...

GHSA-9QJ9-36JM-PRPV Regular Expression Denial of Service in fresh

Affected versions of fresh are vulnerable to regular expression denial of service when parsing specially crafted user input. Recommendation Update to version 0.5.2 or later...

Fresh Denial of Service Vulnerability

Fresh is a Node.js module that uses request and response headers to detect response freshness. A security vulnerability exists in Fresh. An attacker can exploit the vulnerability with the help of specially crafted inputs to cause a denial of service...

Internet Explorer 8 Exploit Found in Watering Hole Campaign Targeting Chinese Dissidents

On March 16th, we discovered a premeditated waterhole campaign that hosts exploits and malware on websites frequented by a specific target group. In this case the target includes Chinese dissidents. For the attacker, this approach is highly attractive since it is very difficult to discover the...