Category: Security

Parrot Security OS 5.1 Release – What’s New!!

Parrot Security OS 5.1 Release – What’s New!!

It has been officially announced that Parrot OS 5.1 has been released, and Parrot OS 5.1 is now available for download as well. A lot of advancements and updates have been made to this new version to increase the efficiency...

/ September 30, 2022
WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation

WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation

Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to achieve remote code execution on affected systems. That’s according to Vietnamese cybersecurity company GTSC, which discovered the...

/ September 30, 2022
Pentesting and Asset Discovery & Management: Symbiotic Benefit of Complementary Cybersecurity Tools

Pentesting and Asset Discovery & Management: Symbiotic Benefit of Complementary Cybersecurity Tools

Working Together to Provide Comprehensive Cybersecurity Protecting Your Organization from Cybercrime You already know that you need to be proactive regarding cybersecurity to protect your organization’s information and your resources. In 2020 cybercrime cost organizations an average of $4.35 million,...

/ September 29, 2022

Announcing the Results of Hack U.S.

On July 4th, 2022, Chief Digital and Artificial Intelligence Office (CDAO), Directorate for Digital Services (DDS), DoD Cyber Crime Center (DC3), and HackerOne publicly launched the “Hack U.S.” bug bounty challenge, allowing ethical hackers from around the globe to earn...

/ September 29, 2022
The secrets of Schneider Electric’s UMAS protocol

The secrets of Schneider Electric’s UMAS protocol

UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP* and BMEH*) and Modicon M340 CPU (part...

/ September 29, 2022
Chrome 106 Released – Google Fixed 20 Security Bugs – Update Now!

Chrome 106 Released – Google Fixed 20 Security Bugs – Update Now!

The Chrome web browser was recently updated to a new stable version released by Google. Google Chrome’s updated version Chrome 106 offers a number of brand-new features and improvements, and it also includes a number of security updates. The new...

/ September 29, 2022
Scylla Ad Fraud Attack on iOS and Android Users Halted by Apple and Google

Scylla Ad Fraud Attack on iOS and Android Users Halted by Apple and Google

The Satori Threat Intelligence and Research Team at Human identified a new wave of cyberattacks involving the use of malicious applications against iOS and Android users. The alarming fact is that these infected apps boast millions of downloads. The good...

/ September 28, 2022
Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems

Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. “Chaos functionality includes the ability...

/ September 28, 2022
Russia Plan a Massive Cyber Attack on Ukraine’s Infrastructure

Russia Plan a Massive Cyber Attack on Ukraine’s Infrastructure

There has been a warning recently issued by the Ukrainian military intelligence service about massive cyberattacks from Russia. As part of its plan to target the critical infrastructure of Ukraine and its allies, Russia plans to conduct massive cyberattacks. It...

/ September 28, 2022
Prilex: the pricey prickle credit card complex

Prilex: the pricey prickle credit card complex

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. The group was behind one of the largest attacks on ATMs in the country, infecting and jackpotting more than 1,000 machines, while also...

/ September 28, 2022
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability...

/ September 28, 2022
Use Hackerone’s Enhanced Pentest as a Service to Streamline Security Testing

Use Hackerone’s Enhanced Pentest as a Service to Streamline Security Testing

New capabilities improve pentesting to increase attack resistance The enhanced features drive robust security testing practices with the ability to launch, test, identify, retest, and fix vulnerabilities faster and more efficiently than traditional pentests. HackerOne pentests usually launch in just...

/ September 27, 2022