CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks...
Hackers are Silently Piercing Through Retail Organizations
The coronavirus epidemic has caused a sudden shift to online shopping. Taking advantage of this boom, attackers are regularly attempting to break into the...
Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog...
(Cyber) Risk = Probability of Occurrence x Damage
Here's How to Enhance Your Cyber Resilience with CVSS
In late 2023, the Common Vulnerability Scoring System (CVSS) v4.0 was unveiled, succeeding the eight-year-old CVSS...
Third-Party ChatGPT Plugins Could Lead to Account Takeovers
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain...
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core...
Alert: Water Curupira Hackers Actively Distributing PikaBot Loader Malware
A threat actor called Water Curupira has been observed actively distributing the PikaBot loader malware as part of spam campaigns in 2023."PikaBot's operators ran...
New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics
Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to...
NMAP : Tutorial
Network mapped (nmap) is a network scanning and host detection tool that is very useful in the course of numerous steps of penetration checking...
Beware: GitHub’s Fake Popularity Scam Tricking Developers into Downloading Malware
Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve...