Beijing Netnifty Security Gateway has a weak password vulnerability

Beijing Netnifty Information Technology Company is a leading enterprise in the domestic information security industry, specializing in the research and development, production and sales of information security products, and providing hierarchical overall security solutions and security profession...

Teleport has an unspecified vulnerability (CNVD-2022-18316)

Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications, and databases across all environments, Teleport has a security vulnerability that could be exploit...

7 Courses That Will Help You Start a Lucrative Career in Information Security

As the world becomes more interconnected by the day, more and more companies of all sizes and industries are finding themselves under attack by fearless cybercriminals who can access their entire server farms from across the globe with only a few lines of code. And it's not just private...

Become a Certified Hacker With This Hands-On Training Course

It seems as though not a day goes by without news spreading over another major cyber attack. Hackers are becoming increasingly efficient at targeting everything from small startups to Fortune 500 companies and even entire government agencies, and as the world moves further away from traditional...

CISSP Certification Course — Become An IT Security Professional

If you dream of making it big in the IT security community, the CISSP certification is a necessary milestone. Certified Information Systems Security Professional CISSP is a globally recognised certification in the field of information security, which has become a gold standard of achievement that...

Security Bulletin: NVIDIA Linux GPU Display Driver contains missing permissions check and improper validation vulnerabilities (CVE-2016-7382, CVE-2016-7389)

Vulnerability Details CVE-2016-7382 NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer nvidia.ko handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an escalation of privileges. CVSS Base Score: 6.8 CVSS Tempor...

SimpleRisk 20130915-01 - Multiple Vulnerabilities

No description provided by source. 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-...

SimpleRisk 20130915-01 Cross Site Request Forgery / Cross Site Scripting

Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-A3 Impact: Full Account Compromise...

Long range RFID hacking tool to be released at Black Hat

Out of necessity come many interesting inventions. Fran Brown, a year ago, was working a penetration test for an electric utility doing an assessment of its SCADA network. His first challenge was to get inside the facility, meaning, in short that he had to break in. To do so, he decided to test t...

Android malware 'Priyanka' spreading rapidly through WhatsApp messenger

An Android malware is spreading around WhatsApp messenger called 'Priyanka'. It changes all your groups names to Priyanka, and may also change your contact names to Priyanka. Apparently, the malware doesn't actually harm Android devices, but it is very annoying and it spreads manually, relying on...

OSSAMS - Open Source Security Assessment Management System

OSSAMS - Open Source Security Assessment Management System As information security professionals, we conduct security assessments for companies. One of the biggest problems we have is after all the data is collected, how can we correlate the data accurately. So we decided to start a project to...

Reality Based Cyber Crime Novella Explores Aftermath of Stuxnet Attack On Iran

Reality Based Cyber Crime Novella Explores Aftermath of Stuxnet Attack On Iran GRAND RAPIDS – Cyber Styletto is a new novella by a journalist, a writer, and a security expert who have pooled their talents to create an enthralling good read that is future forward and predictive. The facts are base...

HITB MagazineVolume 1, Issue 5 Download !

Contents of HITB Magazine Issue 005: Linux Security: Investigating Kernel Return Codes with the Linux Audit System Network Security: Secure Shell Attack Measurement and Mitigation and ARP Spoofing Attacks & Methods for Detection and Prevention: Exploiting Web Virtual Hosting –Malware Infections...

Lessons Learned From the Gawker Hack

Everyone sounded the alarms at the Gawker Media attack, which included a security breach of websites such as Gizmodo, Lifehacker, Kotaku, io9, and others. The numbers were impressive: 1.3 million user accounts exposed, 405 megabytes of source code lost, and perhaps more important to some, the...