Lucene search
K

371 matches found

BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.9 views

The vulnerability of the SIEM systems’ load testing tools, Kraken Stress Testing Toolkit, arises due to deficiencies in the authentication process, allowing unauthorized users to gain access to protected information.

The vulnerability of the SIEM systems’ stress testing tools, such as Kraken Stress Testing Toolkit, stems from deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.5CVSS5.5AI score
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2025/03/25 11:39 a.m.234 views

Exploit for CVE-2025-29927

Testing script for CVE-2025-29927 Provided by CyberMaxx. CV...

9.1CVSS8.1AI score0.99301EPSS
Exploits58
Microsoft Secure
Microsoft Secure
added 2025/03/18 4:0 p.m.7 views

AI innovation requires AI security: Hear what’s new at Microsoft Secure

When you’re secure—innovation happens. But, the fast pace of AI often outpaces traditional security measures, leaving gaps that bad actors can take advantage of. As a security professional, you’re the hero in this battle between protecting vast amounts of data while ensuring AI systems remain...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/11 10:30 a.m.19 views

Steganography Explained: How XWorm Hides Inside Images

Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike. No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a payload that can steal data, execute malware, and...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/20 7:0 a.m.4 views

Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity

Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised. The idea, the tech giant said, is to avoid incidents like that of CrowdStrike's earlier this July, enable more apps and users to be...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/21 11:11 a.m.60 views

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)

Hi there! Here's your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies...

9.8CVSS8.5AI score0.98557EPSS
Exploits26
Imperva Blog
Imperva Blog
added 2024/10/14 5:45 p.m.34 views

Imperva Defends Against Targeted Exploits Used By APT29 Hackers

Recently, U.S. and U.K. cyber agencies have warned of a renewed wave of attacks led by Russian APT29 hackers. These sophisticated threat actors have been actively exploiting vulnerabilities in Zimbra Collaboration Suite and JetBrains TeamCity, specifically CVE-2022-27924 and CVE-2023-42793, to...

9.8CVSS7.8AI score0.99979EPSS
Exploits19
HackRead
HackRead
added 2024/09/21 3:59 p.m.13 views

Apple’s macOS Sequoia Update Breaks Security Tools

Apples macOS Sequoia update is causing major compatibility issues with popular security tools. Reportedly, users are facing disruptions…...

7.4AI score
Exploits0
Trellix
Trellix
added 2024/08/29 12:0 a.m.15 views

Unmasking ViperSoftX: In-Depth Defense Strategies Against AutoIt-Powered Threats

Trellix Global Defenders: Unmasking ViperSoftX: In-Depth Defense Strategies Against AutoIt-Powered Threats By James Murphy · August 29, 2024 There’s a common misconception that threat actors must always write complicated and custom code in every piece of their malware, skilfully evading defenses,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/02 11:35 a.m.25 views

Webinar: Discover the All-in-One Cybersecurity Solution for SMBs

In today's digital battlefield, small and medium businesses SMBs face the same cyber threats as large corporations, but with fewer resources. Managed service providers MSPs are struggling to keep up with the demand for protection. If your current cybersecurity strategy feels like a house of cards...

7.2AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/07/25 4:0 a.m.27 views

Secure Your APIs and Reduce Your Attack Surface With Modern, AI-powered API Security in Qualys Web Application Scanning (WAS)

The rise of APIs presents both opportunities and challenges in today’s hyperconnected digital world. APIs are integral to digital transformation initiatives across industries. The latest data indicates that over 83% of web traffic now comprises API traffic, highlighting their critical role in...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/15 10:24 a.m.19 views

CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool

A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a tenfold surge, adding it includes "mass...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/07 11:9 a.m.12 views

Cyber Landscape is Evolving - So Should Your SCA

Traditional SCAs Are Broken: Did You Know You Are Missing Critical Pieces? Application Security professionals face enormous challenges securing their software supply chains, racing against time to beat the attacker to the mark. Software Composition Analysis SCA tools have become a basic instrumen...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2024/06/05 4:15 p.m.34 views

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: prometheus-mongodb-exporter-fips, cilium-fips, gcsfuse, ko, kubernetes-dashboard-fips, ksops, flux-image-automation-controller, kpt, kubernetes-dashboard-metrics-scraper-fips, kubernetes-event-exporter, prometheus-beat-exporter, stern, gh, render-template,...

9.8CVSS6.7AI score0.01952EPSS
Exploits0
OSV
OSV
added 2024/05/28 3:47 p.m.21 views

GHSA-7R3J-QMR4-JFPJ Kaminari Insecure File Permissions Vulnerability

A moderate severity security vulnerability has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This advisory outlines the vulnerability, affected versions, and provides guidance for mitigation. Impact This vulnerability is of moderate...

6.6CVSS6.5AI score0.00595EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/05/28 3:47 p.m.24 views

Kaminari Insecure File Permissions Vulnerability

A moderate severity security vulnerability has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This advisory outlines the vulnerability, affected versions, and provides guidance for mitigation. Impact This vulnerability is of moderate...

6.6CVSS6.5AI score0.00595EPSS
Exploits0References4Affected Software1
Kitploit
Kitploit
added 2024/04/14 9:24 p.m.53 views

Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking

This tool compilation is carefully crafted with the purpose of being useful both for the beginners and veterans from the malware analysis world. It has also proven useful for people trying their luck at the cracking underworld. It's the ideal complement to be used with the manuals from the site,...

7.2AI score
Exploits0References6
Malwarebytes
Malwarebytes
added 2024/03/19 7:33 p.m.31 views

Upcoming webinar: How a leading architecture firm approaches cybersecurity

How does a company navigate over 80 years of technical debt? Which tools do a security team of 5 rely on everyday? What threats are considered most dangerous? On March 28, 2024, Malwarebytes CEO, Marcin Kleczynski, and Payette Associates Director of Information Technology, Dan Gallivan, will answ...

7.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/02/28 7:9 p.m.22 views

Navigating the Waters of Generative AI

Part I: The Good and the Bad of AI Few would argue that 2023 was the year AI, specifically generative AI Gen AI like ChatGPT, was discussed everywhere. In October, Forrester published a report about how security tools will leverage AI. The findings in that report showed that Gen AI would augment...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/01 11:40 a.m.32 views

Why the Right Metrics Matter When it Comes to Vulnerability Management

How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics, how can you tell how well you're doing, progressing, or if you're getting ROI? If you're not measuring, how do you know it's working? And even if you are...

7.4AI score
Exploits0
Rows per page
Query Builder