Month: September 2022
New Microsoft Exchange Zero-Day RCE Bug Actively Exploited by Hackers
New zero-day bugs existing in Microsoft Exchange that are not disclosed yet publicly are being exploited by the threat actors in order to perform remote code execution on affected systems. These attacks are first spotted by security experts at Vietnamese...
Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers
A Vietnam-based cybersecurity company reported that cybercriminals are actively eyeing Microsoft zero-day vulnerabilities, particularly CVE-2022-41040 and CVE-2022-41082, to target MS Exchange servers. The company observed attacks exploiting these vulnerabilities. New Attack Campaign Targeting Exchange Servers GTSC is a Vietnamese firm...
Hackers are helping protests against Iranâs government
Posted on September 30, 2022 at 6:20 PM Amid ongoing turmoil in Iran, Telegram and many other tools are being used to help anti-government protesters circumvent regime restrictions. As protest movements emerged in Iran over the killing in detention of...
Parrot Security OS 5.1 Release – What’s New!!
It has been officially announced that Parrot OS 5.1 has been released, and Parrot OS 5.1 is now available for download as well. A lot of advancements and updates have been made to this new version to increase the efficiency...
New suspected Chinese malware is attacking Linux and Windows
Posted on September 30, 2022 at 6:58 AM Chaos hackers can launch various hacking attacks against Linux and Windows frameworks. The first document discovered by investigators was released on the 16th of April 2022, the exact date the first cluster...
WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation
Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to achieve remote code execution on affected systems. That’s according to Vietnamese cybersecurity company GTSC, which discovered the...
What is User Flow and how to make one?
User Flow is a technique that allows you to quickly map the entire flow of screens on your website or application – and diagramming is indispensable for mastering user experience. This technique aims to align the paths and actions that...
Detectify Raises $10M in Follow-On Funding to Accelerate External Attack Surface Management Powered by Elite Ethical Hackers
Insight Partners leads investment; Funding used to further enhance 99.7% accurate EASM vulnerability assessments STOCKHOLM – September 29, 2022 – Detectify, the External Attack Surface Management platform powered by elite ethical hackers, today announced it has raised $10 million in...
Pentesting and Asset Discovery & Management: Symbiotic Benefit of Complementary Cybersecurity Tools
Working Together to Provide Comprehensive Cybersecurity Protecting Your Organization from Cybercrime You already know that you need to be proactive regarding cybersecurity to protect your organization’s information and your resources. In 2020 cybercrime cost organizations an average of $4.35 million,...
Announcing the Results of Hack U.S.
On July 4th, 2022, Chief Digital and Artificial Intelligence Office (CDAO), Directorate for Digital Services (DDS), DoD Cyber Crime Center (DC3), and HackerOne publicly launched the “Hack U.S.” bug bounty challenge, allowing ethical hackers from around the globe to earn...
The secrets of Schneider Electric’s UMAS protocol
UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP* and BMEH*) and Modicon M340 CPU (part...
Chrome 106 Released – Google Fixed 20 Security Bugs – Update Now!
The Chrome web browser was recently updated to a new stable version released by Google. Google Chrome’s updated version Chrome 106 offers a number of brand-new features and improvements, and it also includes a number of security updates. The new...
