InfoSec News Feeds
Aggregated InfoSec News
Packetstorm
- Corrupted Microsoft Office Documents Used In...on 3 December 2024 at 3:07 PM
- Meta Says It Has Taken Down 20 Covert Influence...on 3 December 2024 at 3:07 PM
- Russia Gives Life Sentence To Hydra Dark Web...on 3 December 2024 at 3:07 PM
THN
- Cisco Warns of Exploitation of Decade-Old ASA...by info@thehackernews.com (The Hacker News) on 3 December 2024 at 12:51 PM
Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA). The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA's WebVPN login page that […]
- NachoVPN Tool Exploits Flaws in Popular VPN...by info@thehackernews.com (The Hacker News) on 3 December 2024 at 10:17 AM
Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. "By targeting the implicit trust VPN clients place in servers, […]
- North Korean Kimsuky Hackers Use Russian Email...by info@thehackernews.com (The Hacker News) on 3 December 2024 at 9:51 AM
The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. "Phishing emails were sent mainly through email services in Japan and Korea […]
PortSwigger
- We’re going teetotal: It’s goodbye to The...on 2 March 2023 at 2:05 PM
PortSwigger today announces that The Daily Swig is closing down
- Bug Bounty Radar // The latest bug bounty...on 28 February 2023 at 7:15 PM
New web targets for the discerning hacker
- Indian transport ministry flaws potentially...on 28 February 2023 at 2:15 PM
Armed with personal data fragments, a researcher could also access 185 million citizens’ PII
Security Affaris
- DMM Bitcoin halts operations six months after a...by Pierluigi Paganini on 3 December 2024 at 3:38 PM
The Japanese cryptocurrency platform DMM Bitcoin is closing its operations just six months after a $300 million cyber heist. DMM Bitcoin is a cryptocurrency exchange based in Japan, operated by DMM Group, a large Japanese e-commerce and entertainment conglomerate. Launched in 2018, the platform […]
- Energy industry contractor ENGlobal Corporation...by Pierluigi Paganini on 3 December 2024 at 1:01 PM
ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. Founded in 1985, ENGlobal Corporation designs automated control […]
- Poland probes Pegasus spyware abuse under the PiS...by Pierluigi Paganini on 3 December 2024 at 10:00 AM
Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland’s government has been investigating the alleged misuse of Pegasus spyware by the previous administration and arrested the former head of Poland’s […]
HackerOne
- Why Retail and E-commerce Organizations Trust...by HackerOne on 27 November 2024 at 6:14 PM
Security leaders at REI, AS Watson, and Mercado Libre explain why retail and e-commerce organizations trust security researchers.
- Network and Information Systems Directive (NIS2)...by Sandeep Singh on 26 November 2024 at 5:43 PM
Learn about the new NIS2 Directive requirements and how to achieve compliance through pentesting, VDP, and bug bounty.
- 5 Insights Attendees Gained from the Security@...by HackerOne on 25 November 2024 at 10:58 PM
Read the top 5 learnings attendees gained by joining one of our Security@ 2024 World Tour events.
WeLiveSecurity
- Feed has no items.
TheRegister
- Severity of the risk facing the UK is widely...by Connor Jones on 3 December 2024 at 11:45 AM
National cyber emergencies increased threefold this year The number of security threats in the UK that hit the country's National Cyber Security Centre's (NCSC) maximum severity threshold has tripled compared to the previous 12 months.…
- Russia gives life sentence to Hydra dark web...by Iain Thomson on 3 December 2024 at 7:29 AM
No exaggeration – literally a ton. Plus, 15 co-conspirators also put behind bars A Russian court has handed a life sentence to the head of the infamous online drugs souk Hydra, and 15 of his co-conspirators will also spend many years behind bars.…
- Data on 760K workers from Xerox, Nokia, BofA,...by Jessica Lyons on 3 December 2024 at 2:57 AM
Yet another result of the MOVEit mess Hundreds of thousands of employees from major corporations including Xerox, Nokia, Koch, Bank of America, Morgan Stanley and others appear to be the latest victims in a massive data breach linked to last year's attacks on file transfer tool MOVEit.…
Security Week
- Feed has no items.
Exploit-DB Updates
- [webapps] SOPlanning 1.52.01 (Simple Online...on 15 November 2024 at 12:00 AM
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection...on 1 October 2024 at 12:00 AM
reNgine 2.2.0 - Command Injection (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution...on 1 October 2024 at 12:00 AM
dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)on 1 October 2024 at 12:00 AM
openSIS 9.1 - SQLi (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of...on 28 August 2024 at 12:00 AM
Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Invesalius3 - Remote Code Executionon 28 August 2024 at 12:00 AM
Invesalius3 - Remote Code Execution
ABOUT US
RiSec represents an autonomous, non-profit alliance comprising of individuals dedicated to enhancing cybersecurity awareness and education. Read more
Contact us: security@realinfosec.net
Social
Subscribe for weekly updates
Copyright © RiSec 2023 All rights reserved.
All trademarks, logos, images and brand names are the property of their respective owners.