InfoSec News Feeds
Aggregated InfoSec News
Packetstorm
- Feed has no items.
THN
- Researchers Uncover Major Security Flaw in...by info@thehackernews.com (The Hacker News) on 7 January 2025 at 2:22 PM
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. "The Illumina iSeq 100 used a very outdated […]
- Farewell to the Fallen: The Cybersecurity Stars...by info@thehackernews.com (The Hacker News) on 7 January 2025 at 11:50 AM
It's time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their […]
- New EAGERBEE Variant Targets ISPs and Governments...by info@thehackernews.com (The Hacker News) on 7 January 2025 at 9:46 AM
Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE (aka Thumtais) comes fitted with various components that allow the backdoor to deploy additional payloads, […]
PortSwigger
- We’re going teetotal: It’s goodbye to The...on 2 March 2023 at 2:05 PM
PortSwigger today announces that The Daily Swig is closing down
- Bug Bounty Radar // The latest bug bounty...on 28 February 2023 at 7:15 PM
New web targets for the discerning hacker
- Indian transport ministry flaws potentially...on 28 February 2023 at 2:15 PM
Armed with personal data fragments, a researcher could also access 185 million citizens’ PII
Security Affaris
- Threat actors breached the Argentina’s airport...by Pierluigi Paganini on 7 January 2025 at 3:49 PM
Threat actors breached Argentina’s airport security police (PSA) payroll, stealing data and deducting 2,000-5,000 pesos from salaries. Threat actors have breached Argentina’s airport security police (PSA) and compromised the personal and financial data of its officers and civilian personnel. […]
- Moxa router flaws pose serious risks to...by Pierluigi Paganini on 7 January 2025 at 12:27 PM
Moxa warns of two flaws in its routers and security appliances that enable privilege escalation and remote command execution. Moxa addressed privilege escalation and OS command injection vulnerabilities in cellular routers, secure routers, and network security appliances. Below are the descriptions […]
- US adds Tencent to the list of companies...by Pierluigi Paganini on 7 January 2025 at 8:30 AM
US adds Chinese multinational technology and entertainment conglomerate Tencent to the list of companies supporting the Chinese military. The US Department of Defense has added Chinese multinational technology and entertainment conglomerate Tencent to its “Chinese military company” list under […]
HackerOne
- The OWASP Top 10 for LLMs 2025: How GenAI Risks...by Manjesh S. on 18 December 2024 at 9:19 PM
The new OWASP Top 10 for LLMs is here. How has it changed, and how can organizations prevent GenAI risks?
- Breaking Down the OWASP Top 10: Insecure Designby Andrew Pratt on 17 December 2024 at 10:23 PM
Learn about the different types of insecure design vulnerabilities and how to identify them.
- New York Releases AI Cybersecurity Guidance: What...by Ilona Cohen on 16 December 2024 at 9:37 PM
What does New York's new AI Cybersecurity Guidance mean for financial institutions and other regulated companies?
WeLiveSecurity
- Feed has no items.
TheRegister
- Turbulence at UN aviation agency as probe into...by Connor Jones on 7 January 2025 at 5:45 PM
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info The United Nations' aviation agency is investigating "a potential information security incident" after a cybercriminal claimed they had laid hands on 42,000 of the branch's documents.…
- Charter, Consolidated, Windstream reportedly join...by Jessica Lyons on 6 January 2025 at 8:30 PM
Slow drip of compromised telecom networks continues The list of telecommunications victims in the Salt Typhoon cyberattack continues to grow as a new report names Charter Communications, Consolidated Communications, and Windstream among those breached by Chinese government snoops.…
- After China's Salt Typhoon, the reconstruction...by Rupert Goodwins on 6 January 2025 at 9:31 AM
If 40 years of faulty building gets blown down, don’t rebuild with the rubble Opinion When a typhoon devastates a land, it takes a while to understand the scale of the destruction. Disaster relief kicks in, communications rebuilt, and news flows out. Salt Typhoon is no different.…
Security Week
- Feed has no items.
Exploit-DB Updates
- [webapps] SOPlanning 1.52.01 (Simple Online...on 15 November 2024 at 12:00 AM
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection...on 1 October 2024 at 12:00 AM
reNgine 2.2.0 - Command Injection (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution...on 1 October 2024 at 12:00 AM
dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)on 1 October 2024 at 12:00 AM
openSIS 9.1 - SQLi (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of...on 28 August 2024 at 12:00 AM
Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Invesalius3 - Remote Code Executionon 28 August 2024 at 12:00 AM
Invesalius3 - Remote Code Execution
ABOUT US
RiSec represents an autonomous, non-profit alliance comprising of individuals dedicated to enhancing cybersecurity awareness and education. Read more
Contact us: security@realinfosec.net
Social
Subscribe for weekly updates
Copyright © RiSec 2023 All rights reserved.
All trademarks, logos, images and brand names are the property of their respective owners.