Blog

A significant vulnerability affecting Syrus4 IoT Gateway has emerged, posing a serious threat to the worldwide automotive industry. This vulnerability, capable of giving hackers control over a fleet of vehicles and potentially shutting them down,… Continue Reading

On December 6, 2023, WordPress rolled out version 6.4.2, addressing a vulnerability introduced in version 6.4 – specifically, a POP chain issue within the core. This vulnerability depended on the existence of an additional PHP… Continue Reading

Cyber threats are evolving at an unprecedented pace, and businesses must prioritize partnering with cybersecurity providers that understand these threats and demonstrate a commitment to the highest standards of data security and management. One such example of… Continue Reading

Google has released the December 2023 Android Security Bulletin. Despite the bulletin being released, the awaited Google Pixel December update is yet to be made available. In this Android security bulletin, dated December 5, 2023,… Continue Reading

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Cybersecurity Advisory (CSA), regarding exploitation of a vulnerability in Adobe ColdFusion, targeting government-related servers. The advisory aims to guide organizations in enhancing their security posture… Continue Reading

In the rapidly evolving digital marketplace, the threat of phishing in e-commerce has become a critical concern. To navigate these treacherous waters, SOCRadar's "E-Commerce Cyber Bible" offers invaluable insights, presenting an in-depth analysis of the… Continue Reading

[Update] December 11, 2023: "CISA Urges Swift Action on Critical Atlassian Vulnerabilities" Atlassian has issued critical security updates addressing multiple vulnerabilities in its suite of products. Identified as CVE-2022-1471, CVE-2023-22522, CVE-2023-22524, and CVE-2023-22523, these vulnerabilities… Continue Reading

The Cybersecurity and Infrastructure Security Agency (CISA) has once again issued a summary of the latest vulnerabilities. The latest CISA vulnerability summary lists vulnerabilities identified between November 24 and December 2, 2023. In this blog… Continue Reading

The first days of December 2023 were rattled by ALPHV/BlackCat ransomware group, known for its sophisticated cyberattacks and recent interesting attack methods. The latest in their series of high-profile breaches is the alleged infiltration on… Continue Reading

Is it really possible for ordinary text to be dangerous or harmful to people or things, unless it is some sort of black magic that unleashes its power when read or spoken, or a text… Continue Reading

[Update] December 5, 2023: See the subheading “CISA Lists Apple Zero-Day Vulnerabilities Under KEV Catalog.” Apple has released emergency security updates to counteract two zero-day vulnerabilities actively exploited in the wild. Tracked as CVE-2023-42916 and… Continue Reading

The Cybersecurity and Infrastructure Security Agency (CISA) has just introduced the Secure by Design Alert series, a proactive step to highlight instances where vulnerabilities or intrusion campaigns could have been prevented by the vendors, through… Continue Reading

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently issued four new advisories for Industrial Control Systems (ICS). CISA released the advisories on November 28, 2023, regarding current security issues, vulnerabilities, and exploits affecting… Continue Reading

Exploitation activity targeting ownCloud with the CVE-2023-49103 vulnerability has been observed, raising concerns within the cybersecurity community. ownCloud, renowned as an open-source file server facilitating secure storage, file-sharing, and collaboration, recently drew attention due to… Continue Reading