Lucene search
+L

119 matches found

ThreatPost
ThreatPost
added 2020/02/26 5:35 p.m.77 views

Hackers Cashing In On Healthcare Industry Security Weaknesses

SAN FRANCISCO – Cybercriminals are pushing boundaries in looking for new ways to cash in on the healthcare space – whether it is persuading desperate patients to download health information apps that actually infect their devices with malware, attacking hospitals with ransomware attacks or even...

10CVSS0.2AI score0.03633EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2020/01/16 6:7 p.m.52 views

Broadening the Scope: A Comprehensive View of Pen Testing

Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2019/10/22 12:6 p.m.46 views

Cynet's Vulnerability Assessment Enables Organizations to Dramatically Reduce their Risk Exposure

Protection from cyberattacks begins way before attackers launch their weapons on an organization. Continuously monitoring the environment for security weaknesses and addressing such, if found, is a proven way to provide organizations with immunity to a large portion of attacks. Among the common...

7.6AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/08/02 8:52 a.m.41 views

DCMS Practical Guidelines. Actionable information

The DCMS guidelines for IoT security are an excellent set of recommendations. They help developers secure devices by outlining the basic ways one can prevent common security weaknesses from being present in their devices and infrastructure. The recommendations are well thought out, and encourage...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/06/21 12:0 a.m.6 views

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

6.5CVSS5.4AI score0.04314EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/04/30 12:0 a.m.5 views

Vulnerability of the Server component: Security: Privileges of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component: Security: Privileges of the MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability may allow a malicious actor to cause service interruptions using the MySQL protocol...

4.9CVSS6.5AI score0.02232EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/13 12:0 a.m.6 views

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

7.8CVSS7.1AI score0.07708EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2019/03/04 11:36 p.m.64 views

Argentinian Teen Becomes First to Earn $1M in Bug Bounties with HackerOne

A 19-year-old that goes by the handle “@trytohack” became the first white hat hacker to surpass $1 million in bounty awards on the HackerOne platform. The Argentinian researcher, whose real name is Santiago Lopez, started reporting security weaknesses to companies in 2015 on HackerOne, when he wa...

0.6AI score
Exploits0References6
Kitploit
Kitploit
added 2019/01/12 12:5 p.m.249 views

Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters

Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster you don't own! Run kube-hunter : kube-hunter is available as a...

7.5AI score
Exploits0References2
Schneier on Security
Schneier on Security
added 2018/11/06 12:51 p.m.35 views

Security of Solid-State-Drive Encryption

Interesting research: "Self-encrypting deception: weaknesses in the encryption of solid state drives SSDs": Abstract: We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware. In theory, the security guarantees offered by hardware encryption are...

1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/11/02 2:29 p.m.105 views

No need for lock picking tools

This is something I knocked up to show how terrible some locks are. I found this one in my garage. It was from when my wife and I went to a Download festival a couple of years back and is a lock from one of those paid-for secure storage places where you can leave your car keys, phone etc. Let's...

6.8AI score
Exploits0
Lenovo
Lenovo
added 2018/09/20 4:58 p.m.562 views

Iomega and LenovoEMC NAS Web UI Vulnerabilities - US

Lenovo Security Advisory: LEN-24224 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo specific CVE Indentifier: CVE-2018-9074, CVE-2018-9075, CVE-2018-9076, CVE-2018-9077, CVE-2018-9078, CVE-2018-9079, CVE-2018-9080, CVE-2018-9081, CVE-2018-9082 Summary Description:...

1.4AI score0.04079EPSS
Exploits0
Lenovo
Lenovo
added 2018/09/20 4:58 p.m.29 views

Iomega and LenovoEMC NAS Web UI Vulnerabilities - Lenovo Support US

No description provided...

9.8CVSS5.9AI score0.04079EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/11/22 12:0 a.m.391 views

Multiple AVM FRITZ!Box WPA2 Key Reinstallation Vulnerabilities - KRACK

WPA2 as used in several models of the AVM FRITZ!Box are prone to multiple security weaknesses aka Key Reinstallation Attacks KRACK. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

8.1CVSS7.3AI score0.04575EPSS
Exploits1References3
Krebs on Security
Krebs on Security
added 2017/10/27 8:39 p.m.62 views

Fear the Reaper, or Reaper Madness?

Last week we looked at reports from China and Israel about a new "Internet of Things" malware strain called "Reaper" that researchers said infected more than a million organizations by targeting newfound security weaknesses in countless Internet routers, security cameras and digital video recorde...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2017/10/18 12:0 a.m.282 views

MikroTik RouterOS WPA2 Key Reinstallation Vulnerabilities - KRACK

WPA2 as used in MikroTik RouterOS is prone to multiple security weaknesses aka Key Reinstallation Attacks KRACK. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

8.1CVSS7.4AI score0.04575EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/06/21 12:0 a.m.31 views

AgileBits 1Password 6.3.3 Multiple Vulnerabilities (macOS)

The version of AgileBits 1Password installed on the remote macOS or Mac OS X host is equal to 6.3.3. It is, therefore, affected by multiple vulnerabilities : - A security weakness exists in the internal web browser in which the default protocol that is used is set to HTTP. If a user visits a...

5.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2016/08/24 8:0 a.m.71 views

New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption

RC4 apparently is no longer the lone pariah among smaller cryptographic ciphers. Already broken and set for deprecation by the major browser and technology makers, RC4 could shortly have company in Triple-DES 3DES and Blowfish. Researchers are set to present new attacks against 64-bit ciphers tha...

5CVSS6.8AI score0.95707EPSS
Exploits7References5
Lenovo
Lenovo
added 2016/06/20 12:0 a.m.39 views

Multiple ThinkServer System Manager (TSM) *50-series Security Weaknesses - Lenovo Support US

No description provided...

5CVSS6.3AI score0.01351EPSS
Exploits0
n0where
n0where
added 2016/05/11 9:5 p.m.22 views

Black Box WordPress Vulnerability Scanner: WPScan

WPScan is a Black Box WordPress Vulnerability Scanner that attempts to find known security weaknesses within WordPress installations. The application is provided for security professionals or WordPress administrators to help them find security problems and vulnerabilities in their installations. ...

0.7AI score
Exploits0References1
Rows per page
Query Builder