32 matches found
CVE-2026-40368
creationtimestamp| type| source ---|---|--- 2026-05-12 15:53:28+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0144 2026-05-12 16:38:43+00:00| seen| https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review 2026-05-13 01:08:48+00:00| seen|...
Agentic Browser Security: 2025 Year-End Review
Are agentic browsers the new Flash? A 2025 review of new attacks, vendor security layers, and a roadmap for navigating AI browser risks...
Microsoft .NET End of Life (EOL) Detection
The Microsoft .NET product on the remote host has reached the End of Life EOL and should not be used anymore. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...
Linux Distros Unpatched Vulnerability : CVE-2024-58056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error,...
Testing the security of CCTV systems
TL;DR CCTV is often overlooked; ‘shadow tech’ whose security isn’t as carefully reviewed as core IT assets It is often a responsibility for facilities managers who may have little experience of cyber security Security of the hardware and software of some CCTV camera brands is sorely lacking A...
10 years on from the Target breach. Has building cyber security improved?
It’s over a decade since the Target data breach. It was an event that reinforced the need for supply chain security reviews. It seems that much has changed since then, or has it? Has the security profile of the average connected building in the USA improved in that time period, be it retail,...
PT-2023-18384 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns an example implementation related to the Open Compute Project's short-form report generator for Vendor Security Reviews. The short-form report is a JSON object...
Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council's Certified CISO Hall of Fame Report 2023
A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent. EC-Council, the global leader in...
Security Bulletin: IBM Storwize V7000 Unified V1.4.2.1 Includes Fixes for Multiple Vendor Security Vulnerabilities.
Abstract IBM Storwize V7000 Unified includes multiple software components for which the vendors have provided fixes for security vulnerabilities in such components. Content VULNERABILITY DETAILS: CVE ID: Vendor| Vendor ID| Vendor Title| Included CVEs ---|---|---|--- Red Hat| RHSA-2013:1140|...
Evaluating the Security of an Enterprise IoT Deployment at Domino's Pizza
Recently, I had a great opportunity to work with Domino's Pizza to evaluate an internally conceived Internet of Things IoT-based business solution they had designed and deployed throughout their US store locations. The goal of this research project was to understand the security implications arou...
Multi-vendor BIOS Security Vulnerabilities (September 2021) - Lenovo Support US
No description provided...
OWASP Top-10 2021, statistically calculated proposal.
Everybody knows the OWASP Top-10 as well as the fact that it gets updated only every other 3–4 years. With the last update published in 2017, it’s no surprise that a new version is coming this year. During my application security career, I saw OWASP Top-10 at least in 2003, 2004, 2007, 2010, 2013...
RMM software: What is it and do you need it?
As cybersecurity products evolve to better protect against new forms of malware, trickier evasion techniques, and more organized cybercrime campaigns, the practice of cybersecurity evolves, too, providing simple, streamlined methods to manage hundreds of endpoints through one tool: RMM software...
Cisco IOS XE SD-WAN Buffer Overflow Vulnerabilities (cisco-sa-sdwan-bufovulns-B5NrSHbj)
According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by multiple buffer overflow vulnerabilities that allow an unauthenticated, remote attacker to execute attacks against an affected device. Please see the included Cisco BIDs and Cisco Security Advisory for more...
Router Security
This report is six months old, and I dont know anything about the organization that produced it, but it has some alarming data about router security. Conclusion: Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very o...
Cisco NX-OS Software CLI Arbitrary Command Execution (cisco-sa-20180620-nx-os-cli-execution)
According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability exists in CLI parser due to insufficient input validation of command arguments. An authenticated, local attacker can exploit this, via injecting malicious command arguments, to execute...
QNAP NVR/NAS Devices - Buffer Overflow (PoC)
Device Model: QNAP VioStor NVR, QNAP NAS, Fujitsu Celvin NAS May be additional re-branded Attack Vector: Remote Attack Models: 1. Classic Heap Overflows 2. Classic Stack Overflow 3. Heap Feng Shui Overflow 4. "Heack Combo" Heap / Stack Combination Overflow Timeline 07/01/2017: QNAP contacted me...
Threat Outbreak Alert RuleID20858: Email Messages Distributing Malicious Software on February 2, 2016
Medium Alert ID: 43369 First Published: 2016 February 2 14:54 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID20858 may contain the following files: Name |...
Cybersecurity Vulnerabilities Identified in Banking Vendors
In hopes of bolstering security, banks in New York over the next several weeks want to enact new regulations for any third party vendors they do business with. A report released last week pointed out that one in three N.Y. banks don’t require their vendors to notify them in the event they...
Information of Nearly 4,000 Beth Israel Patients at Risk in Stolen Laptop Incident
The information of nearly 4,000 patients at Boston’s Beth Israel Deaconess Medical Center BIDMC may have been leaked according to a report from the Boston Globe over the weekend. A laptop was stolen from the Harvard-associated teaching hospital on May 22 that could yield the incomplete medical...