PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)
Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers …
11 search engines for cybersecurity research you can use right now
Staying ahead in cybersecurity requires constant learning and adaptation. If you’re interested in cybersecurity research, explore the resources outlined below. …
8 open-source OSINT tools you should try
Open-Source Intelligence (OSINT) refers to gathering, assessing, and interpreting public information to address specific intelligence queries. All the tools listed here are …
7 free cybersecurity resources you need to bookmark
CodeSec CodeSec is a CLI based tool which brings Contrast’s enterprise-level security testing right to your laptop. It allows you to run real-time SAST or Serverless …
Combatting OpSec threats to our COVID-19 vaccination efforts: What can we do?
COVID-19 vaccines have been rolling out for a few months now, but the nature of the pandemic and the number of people impacted by it mean that demand for these vaccines is …
VMware fixes critical vCenter Server RCE vulnerability, urges immediate action (CVE-2021-21985)
VMware has patched two vulnerabilities (CVE-2021-21985, CVE-2021-21986) affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement …
RDP and VPN use soars, increasing enterprise cyber risk
As COVID-19 slowly spread across the globe, consumer demand for commercial virtual private network (VPN) services has soared – both for security reasons and for …
Flaw in Iomega, LenovoEMC NAS devices exposes millions of files on the Internet
A vulnerability in legacy Iomega and LenovoEMC network-attached storage (NAS) devices has led to many terabytes of potentially sensitive data being accessible to anyone via …
Vulnerable ship systems: Many left exposed to hacking
Pen Test Partners’ Ken Munro and his colleagues – some of which are former ship crew members who really understand bridge and propulsion systems – have been …
Are attackers harnessing your Redis server?
Earlier this year security researchers warned about vulnerable Apache Solr, Redis, and Windows servers hit with cryptominers. Imperva now says that that are still too many …
AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit
A “cyber security enthusiast” that goes by VectorSEC on Twitter has published AutoSploit, a Python-based tool that takes advantage of Shodan and Metasploit modules …
Are your connected devices searchable on the Internet?
Despite being a hub for technology talent, Berliners are leaving themselves wide open to cyberattack through poor security practices that are exposing millions of cyber …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments