Vulnerability

Navigating the Perils of GKE’s “system:authenticated” Group: A Critical Security Insight

Perils of GKE’s “system:authenticated” Group Google Kubernetes Engine (GKE) users, beware: a recent Orca Security report, published on January 24th, 2024, unveils a concerning aspect of GKE cluster authentication and authorization that could…

Read more
Secplicity-The-443-Podcast-272

Secplicity The 443 Podcast – Episode 272 – Bluetooth Busted

This week's podcast episode focuses on several critical cybersecurity issues: Unauthenticated Keystroke Injection Vulnerability in Bluetooth: The episode starts with an in-depth discussion about a new and alarming vulnerability found…

Read more
3cx-Warns-Customers

Disable SQL Database Integrations 3cx Warns Customers

3CX is warning its customers to disable any SQL database integrations due to potential risks that they describe as a potential vulnerability. even though the security advisory released by 3cx…

Read more
What is the Difference Between Attack Surface Management & Vulnerability Management

What is the Difference Between Attack Surface Management & Vulnerability Management

With how quickly software and businesses evolve, this causes problems with the traditional IT asset and vulnerability management practices. As a result this has opened a new technological segment known…

Read more
900,000 MikroTik Routers Vulnerable to Total Takeover by Malicious Threat Actors

900,000 MikroTik Routers Vulnerable to Total Takeover by Malicious Threat Actors

Mikrotik routers are popular targets for threat actors including nation state groups. Roughly 900,000 devices can be potentially attacked via a prvilege escalation vulnerability in the Router OS firmware. CVE-2023-30788…

Read more
MOVEit Hack

Progress Software’s MOVEit Hack Allows Big Names To Be Hacked

MOVEit is a piece of software which runs either in the cloud or on premises that provides a secure means to share sensitive information and is fully auditable. This software…

Read more

Critical Vulnerability in Essential Addons For Elementor Currently Being Exploited By Malicious Threat Actors

On May 11th 2023 the Wordfence (web application firewall, WAF, for wordpress) team was alerted to a critical vulnerability that was found in essential addons for Elementor that has over…

Read more
Threat advisory

Threat Advisory – Critical PaperCut vulnerability being actively exploited

What is PaperCut MF & MG? PaperCut is a piece of software that allows one to manage and minimize printer waste as well as print in a sensitive documents in…

Read more
How to report a security vulnerability responsibily

How To Report A Security Vulnerability Responsibly

Proper disclosure of vulnerabilities is crucial to ensure hackers do not start to exploit end users using the vulnerability in question. It is important that when a vulnerability is found it…

Read more
Critical Zero Day Vulnerability in Chrome Can Allow Your Device To Be Hijacked

Critical Zero Day Vulnerability in Chrome Can Allow Your Device To Be Hijacked

Google is urging users to immediately update chrome due to a critical zero day vulnerability that would allow your device to be hijacked. This security flaw currently in the wild,…

Read more