Simple Attendance System 1.0 SQL Injection
Authored by Abdullah Khawaja Simple Attendance System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication…
Cloudron 6.2 Cross Site Scripting
Authored by Akiner Kisa Cloudron version 6.2 suffers from a cross site scripting vulnerability. advisories | CVE-2021-31721 Change Mirror Download…
Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk
Dubbed OMIGOD, a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux demonstrate hidden security threats,…
FBI, CISA, CGCYBER Warn of APTs Targeting CVE-2021-40539
Advanced persistent threat attackers are exploiting a newly identified vulnerability in Zoho ManageEngine ADSelfService Plus, according to a joint advisory…
3 security lessons from an MSP that survived the Kaseya VSA attack
An Indiana-based MSP offers lessons in what needs to change following the Kaseya VSA ransomware attack. Jay Tipton, chief executive…
Ulfius Web Framework Remote Memory Corruption
Authored by Jeremy Brown Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a…
DMA Softlab Radius Manager 4.4.0 Session Management / Cross Site Scripting
Authored by bnu1s DMA Softlab Radius Manager version 4.4.0 chained exploit written in go that exploits session management and cross…
Why Your Hospital Network Needs an IoT Security Policy
By Marc Laliberte, Technical Security Operations Manager, WatchGuard Technologies The Internet of Things (IoT) industry has a security […] The…
Microsoft warns of a zero-day in Internet Explorer that is actively exploited
Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized […] The…
FBI IC3 warns of a spike in sextortion attacks
The FBI Internet Crime Complaint Center (IC3) warns of a spike in sextortion attacks since the beginning of […] The…