Vulnerability
Navigating the Perils of GKE’s “system:authenticated” Group: A Critical Security Insight
Perils of GKE’s “system:authenticated” Group Google Kubernetes Engine (GKE) users, beware: a recent Orca Security report, published on January 24th, 2024, unveils a concerning aspect of GKE cluster authentication and authorization that could…
Read moreSecplicity The 443 Podcast – Episode 272 – Bluetooth Busted
This week's podcast episode focuses on several critical cybersecurity issues: Unauthenticated Keystroke Injection Vulnerability in Bluetooth: The episode starts with an in-depth discussion about a new and alarming vulnerability found…
Read moreDisable SQL Database Integrations 3cx Warns Customers
3CX is warning its customers to disable any SQL database integrations due to potential risks that they describe as a potential vulnerability. even though the security advisory released by 3cx…
Read moreWhat is the Difference Between Attack Surface Management & Vulnerability Management
With how quickly software and businesses evolve, this causes problems with the traditional IT asset and vulnerability management practices. As a result this has opened a new technological segment known…
Read more900,000 MikroTik Routers Vulnerable to Total Takeover by Malicious Threat Actors
Mikrotik routers are popular targets for threat actors including nation state groups. Roughly 900,000 devices can be potentially attacked via a prvilege escalation vulnerability in the Router OS firmware. CVE-2023-30788…
Read moreProgress Software’s MOVEit Hack Allows Big Names To Be Hacked
MOVEit is a piece of software which runs either in the cloud or on premises that provides a secure means to share sensitive information and is fully auditable. This software…
Read moreCritical Vulnerability in Essential Addons For Elementor Currently Being Exploited By Malicious Threat Actors
On May 11th 2023 the Wordfence (web application firewall, WAF, for wordpress) team was alerted to a critical vulnerability that was found in essential addons for Elementor that has over…
Read moreThreat Advisory – Critical PaperCut vulnerability being actively exploited
What is PaperCut MF & MG? PaperCut is a piece of software that allows one to manage and minimize printer waste as well as print in a sensitive documents in…
Read moreHow To Report A Security Vulnerability Responsibly
Proper disclosure of vulnerabilities is crucial to ensure hackers do not start to exploit end users using the vulnerability in question. It is important that when a vulnerability is found it…
Read moreCritical Zero Day Vulnerability in Chrome Can Allow Your Device To Be Hijacked
Google is urging users to immediately update chrome due to a critical zero day vulnerability that would allow your device to be hijacked. This security flaw currently in the wild,…
Read more