Vulnerability
Under the Radar: Uncovering the Undocumented Bluetooth Backdoor Affecting Billions of Devices
In an era where connectivity is king, billions of devices rely on Bluetooth technology to communicate and interact seamlessly. However, a recent discovery has sent shockwaves through the cybersecurity community,…
Read more
The Unseen Threat: Pre-installed Malware on Android Devices
In the realm of cybersecurity, the emergence of pre-installed malware on Android devices presents a formidable challenge, one that has recently come to light with the discovery of malware on…
Read more
Urgent Alert for Kubernetes Administrators: New RCE Vulnerabilities Uncovered
Kubernetes, the widely adopted container orchestration system, is facing a critical security challenge. Recent findings have uncovered two high-severity vulnerabilities that leave Windows endpoints in Kubernetes clusters wide open to…
Read more
Critical Glibc Flaw Uncovered: A Pathway for Attackers to Gain Root Access on Linux Systems
In a startling revelation on January 31, 2024, the cybersecurity landscape was jolted by the discovery of a significant vulnerability within the GNU C library, commonly known as glibc, which…
Read more
Navigating the Perils of GKE’s “system:authenticated” Group: A Critical Security Insight
Perils of GKE’s “system:authenticated” Group Google Kubernetes Engine (GKE) users, beware: a recent Orca Security report, published on January 24th, 2024, unveils a concerning aspect of GKE cluster authentication and authorization that could…
Read more
Secplicity The 443 Podcast – Episode 272 – Bluetooth Busted
This week's podcast episode focuses on several critical cybersecurity issues: Unauthenticated Keystroke Injection Vulnerability in Bluetooth: The episode starts with an in-depth discussion about a new and alarming vulnerability found…
Read more
Disable SQL Database Integrations 3cx Warns Customers
3CX is warning its customers to disable any SQL database integrations due to potential risks that they describe as a potential vulnerability. even though the security advisory released by 3cx…
Read more
What is the Difference Between Attack Surface Management & Vulnerability Management
With how quickly software and businesses evolve, this causes problems with the traditional IT asset and vulnerability management practices. As a result this has opened a new technological segment known…
Read more
900,000 MikroTik Routers Vulnerable to Total Takeover by Malicious Threat Actors
Mikrotik routers are popular targets for threat actors including nation state groups. Roughly 900,000 devices can be potentially attacked via a prvilege escalation vulnerability in the Router OS firmware. CVE-2023-30788…
Read more
Progress Software’s MOVEit Hack Allows Big Names To Be Hacked
MOVEit is a piece of software which runs either in the cloud or on premises that provides a secure means to share sensitive information and is fully auditable. This software…
Read more