Does Your Organization Have a Security.txt File?
It happens all the time: Organizations get hacked because there isn't an obvious way for security researchers to let them…
Simple Attendance System 1.0 SQL Injection
Authored by Abdullah Khawaja Simple Attendance System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication…
HTML Smuggling: A Resurgent Cause for Concern
By Vinay Pidathala, Director of Security Research, Menlo Security Cybersecurity is never straightforward. While defense techniques, technologies, policies […] The…
Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk
Dubbed OMIGOD, a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux demonstrate hidden security threats,…
FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539
Advanced persistent threat attackers are exploiting a newly identified vulnerability in Zoho ManageEngine ADSelfService Plus, according to a joint advisory…
3 security lessons from an MSP that survived the Kaseya VSA attack
An Indiana-based MSP offers lessons in what needs to change following the Kaseya VSA ransomware attack. Jay Tipton, chief executive…
DMA Softlab Radius Manager 4.4.0 Session Management / Cross Site Scripting
Authored by bnu1s DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross…
Apple fixes actively exploited FORCEDENTRY zero-day flaws
Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in […] The…
Why Your Hospital Network Needs an IoT Security Policy
By Marc Laliberte, Technical Security Operations Manager, WatchGuard Technologies The Internet of Things (IoT) industry has a security […] The…
Keeping Health Records Safe from Cyber Criminals
By Dexter Caffey, Founder and CEO, Smart Eye Technology The healthcare industry is currently one of the most […] The…