Full Disclosure – Fastly
Posted by Andrey Stoykov on Mar 11 Correspondence from Fastly declined to comment regarding new discovered vulnerabilities within their website. Poor practices regarding password changes....
Full Disclosure – Shopify Application
Posted by Andrey Stoykov on Mar 11 Correspondence from Shopify declined to comment regarding new discovered vulnerabilities within their website. Although 'frontend' vulnerabilities are considered...
CVE-2013-10021
A vulnerability was found in dd32 Debug Bar Plugin up to 0.8. It has been declared as problematic. Affected by this vulnerability is the function...
Friday Squid Blogging: Chinese Squid Fishing in the Southeast Pacific
Chinese squid fishing boats are overwhelming Ecuador and Peru. As usual, you can also use this squid post to talk about the security stories in...
CVE-2022-20929
A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade...
CVE-2021-27788
HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability. By tricking a user into clicking a crafted URL, a remote unauthenticated attacker could...
CVE-2020-5002
IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954. Read...
Elephant Hackers
An elephant uses its right-of-way privileges to stop sugar-cane trucks and grab food. Read More
BrandPost: Cybersecurity Automation: Leveling the Playing Field
Many things challenge how we practice cybersecurity these days. Digital transformation has brought significant adoption of new technology and business models, including cloud solutions, e-commerce...
New variant of the IceFire ransomware targets Linux enterprise systems
A novel Linux version of the IceFire ransomware that exploits a vulnerability in IBM's Aspera Faspex file-sharing software has been identified by SentinelLabs, a research division...