Share

RSS

More Articles…

• From Secure Online Desktop to Cyberfero: rebranding of the leading cybersecurity company
• NIS: what it is and how it protects cybersecurity
• Advanced persistent threats (APTs): what they are and how to defend yourself
• Penetration Testing and MFA: A Dual Strategy to Maximize Security
• Penetration Testing: Where to Strike to Protect Your IT Network
• Ransomware: a plague that brings companies and institutions to their knees. Should you pay the ransom? Here is the answer.
• Why IT audit and log management are important for Cybersecurity
• Red Team, Blue Team and Purple Team: what are the differences?

Categories …

• Backup as a Service (18)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (22)
• Conferenza Cloud (4)
• Cyberfero (15)
• ICT Monitoring (5)
• Log Management (2)
• News (25)
• ownCloud (4)
• Privacy (7)
• Security (203)
  • Cyber Threat Intelligence (CTI) (8)
  • Deception (4)
  • Ethical Phishing (11)
  • Netwrix Auditor (2)
  • Penetration Test (11)
  • Posture Guard (3)
  • SOCaaS (65)
    • EDR (3)
    • SIEM (13)
    • SOAR (5)
    • UEBA (10)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

darkreading

• Healthcare Sector Charts 2 More Ransomware Attacks January 30, 2025
  No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.
• New Jailbreaks Allow Users to Manipulate GitHub Copilot January 30, 2025
  Whether by intercepting its traffic or just giving it a little nudge, GitHub's AI assistant can be made to do malicious things it isn't supposed to.
• Automated Pen Testing Is Improving — Slowly January 30, 2025
  The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.
• Exposure Management Provider CYE Acquires Solvo January 30, 2025
  The addition of Solvo CSPM to CYE Hyver aims to address the need for multicloud vulnerability monitoring and risk assessment.
• Fake Videos of Former First Lady Scam Namibians January 30, 2025
  Amateurish financial scams are common across Africa, and Namibia's influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.
• PrintNightmare Aftermath: Windows Print Spooler Is Better. What's Next? January 29, 2025
  While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.
• Researchers Uncover Lazarus Group Admin Layer for C2 Servers January 29, 2025
  The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.
• Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers January 29, 2025
  VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.
• Mirai Variant 'Aquabot' Exploits Mitel Device Flaws January 29, 2025
  Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.
• The Old Ways of Vendor Risk Management Are No Longer Good Enough January 29, 2025
  Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.

Full Disclosure

• Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449 January 30, 2025
  Posted by Shaikh Shahnawaz on Jan 29[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor] https://quorum.com/about/ [Product] Quorum onQ OS - 6.0.0.5.2064 Vulnerability Type] Reflected Cross Site Scripting (XSS) [Affected Component] Login page get parameter 'msg' is vulnerable to Reflected Cross site scripting [CVE Reference] CVE-2024-44449 [Security Issue] Cross Site Scripting […]
• Deepseek writes textbook insecure code in 2025-01-28 January 30, 2025
  Posted by Georgi Guninski on Jan 29Asking Deepseek on Jan 28 09:33:11 AM UTC 2025: Write a python CGI which takes as an argument string NAME and outputs "Hello"+NAME The Deepseek AI [3] returned: ==== name = form.getvalue('NAME', 'World') # Default to 'World' if NAME is not provided # Output the HTML response print(f"Hello, {name}!") […]
• Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS) January 30, 2025
  Posted by David Fifield on Jan 29The page https://www.google.com/sorry/index is familiar to Tor and VPN users. It is the one that says "Our systems have detected unusual traffic from your computer network. Please try your request again later." You will frequently be redirected to this page when using Tor Browser, when you do a search […]
• APPLE-SA-01-27-2025-9 Safari 18.3 January 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-9 Safari 18.3 Safari 18.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122074. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Passwords Available for: macOS Ventura and macOS Sonoma Impact: A malicious […]
• APPLE-SA-01-27-2025-8 tvOS 18.3 January 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-8 tvOS 18.3 tvOS 18.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122072. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: Apple TV HD and Apple TV 4K (all […]
• APPLE-SA-01-27-2025-7 watchOS 11.3 January 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-7 watchOS 11.3 watchOS 11.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122071. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: Apple Watch Series 6 and later Impact: An […]
• APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3 January 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3 macOS Ventura 13.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122070. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: macOS Ventura Impact: An app may […]
• APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3 January 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3 macOS Sonoma 14.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122069. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: macOS Sonoma Impact: A remote attacker […]
• APPLE-SA-01-27-2025-4 macOS Sequoia 15.3 January 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-4 macOS Sequoia 15.3 macOS Sequoia 15.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122068. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: macOS Sequoia Impact: An attacker on […]
• APPLE-SA-01-27-2025-3 iPadOS 17.7.4 January 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-3 iPadOS 17.7.4 iPadOS 17.7.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122067. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, […]