InfoSec News Feeds
Aggregated InfoSec News
Packetstorm
- Feed has no items.
THN
- Unsecured Tunneling Protocols Expose 4.2 Million...by info@thehackernews.com (The Hacker News) on 20 January 2025 at 3:08 PM
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access to […]
- DoNot Team Linked to New Tanzeem Android Malware...by info@thehackernews.com (The Hacker News) on 20 January 2025 at 2:53 PM
The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps […]
- ⚡ THN Weekly Recap: Top Cybersecurity Threats,...by info@thehackernews.com (The Hacker News) on 20 January 2025 at 12:02 PM
As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper […]
PortSwigger
- We’re going teetotal: It’s goodbye to The...on 2 March 2023 at 2:05 PM
PortSwigger today announces that The Daily Swig is closing down
- Bug Bounty Radar // The latest bug bounty...on 28 February 2023 at 7:15 PM
New web targets for the discerning hacker
- Indian transport ministry flaws potentially...on 28 February 2023 at 2:15 PM
Armed with personal data fragments, a researcher could also access 185 million citizens’ PII
Security Affaris
- Esperts found new DoNot Team APT group’s...by Pierluigi Paganini on 20 January 2025 at 8:35 PM
Researchers linked the threat actor DoNot Team to a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The Donot Team (aka APT-C-35 and Origami Elephant) has been […]
- Malicious npm and PyPI target Solana Private keys...by Pierluigi Paganini on 20 January 2025 at 12:32 PM
Researchers found malicious npm and PyPI packages capable of stealing and deleting sensitive data from infected systems. Socket researchers have identified multiple packages in the npm and Python Package Index (PyPI) repository designed to target Solana private keys and drain funds from victims’ […]
- Planet WGS-804HPT Industrial Switch flaws could...by Pierluigi Paganini on 20 January 2025 at 12:27 AM
Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology’s industrial devices. The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance […]
HackerOne
- A Partial Victory for AI Researchersby Ilona Cohen on 10 January 2025 at 6:37 PM
What is the Digital Millennium Copyright Act and what are the implications of its recent ruling for AI researchers?
- ROI Isn’t Cutting It: 6 Questions to Help CISOs...by Naz Bozdemir on 7 January 2025 at 7:07 PM
Why ROI is not the most effective method to quantify cybersecurity investments — and how ROM can help.
- The OWASP Top 10 for LLMs 2025: How GenAI Risks...by Manjesh S. on 18 December 2024 at 9:19 PM
The new OWASP Top 10 for LLMs is here. How has it changed, and how can organizations prevent GenAI risks?
WeLiveSecurity
- Feed has no items.
TheRegister
- Ransomware attack forces Brit high school to shut...by Connor Jones on 20 January 2025 at 12:03 PM
Students have work to complete at home in the meantime A UK high school will have to close for at least two days, today and tomorrow, after becoming the latest public-sector victim of ransomware criminals.…
- Fortinet: FortiGate config leaks are genuine but...by Connor Jones on 17 January 2025 at 6:32 PM
Competition hots up with Ivanti over who can have the worst start to a year Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid in 2022.…
- Medusa ransomware group claims attack on UK's...by Connor Jones on 17 January 2025 at 10:30 AM
Pastes allegedly stolen documents on leak site with £600K demand Another year and yet another UK local authority has been pwned by a ransomware crew. This time it's Gateshead Council in North East England at the hands of the Medusa group.…
Security Week
- Feed has no items.
Exploit-DB Updates
- [webapps] SOPlanning 1.52.01 (Simple Online...on 15 November 2024 at 12:00 AM
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection...on 1 October 2024 at 12:00 AM
reNgine 2.2.0 - Command Injection (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution...on 1 October 2024 at 12:00 AM
dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)on 1 October 2024 at 12:00 AM
openSIS 9.1 - SQLi (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of...on 28 August 2024 at 12:00 AM
Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Invesalius3 - Remote Code Executionon 28 August 2024 at 12:00 AM
Invesalius3 - Remote Code Execution
ABOUT US
RiSec represents an autonomous, non-profit alliance comprising of individuals dedicated to enhancing cybersecurity awareness and education. Read more
Contact us: security@realinfosec.net
Social
Subscribe for weekly updates
Copyright © RiSec 2023 All rights reserved.
All trademarks, logos, images and brand names are the property of their respective owners.