SEC Consult SA-20240522-0 :: Broken access control & API Information Exposure in 4BRO App
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 23 SEC Consult Vulnerability Lab Security Advisory < 20240522-0 > ======================================================================= title: Broken access control...
[CFP] Security BSides Ljubljana 0x7E8 | September 27, 2024
Posted by Andraz Sraka on May 23 MMMMMMMMMMMMMMMMNmddmNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM MMN..-..--+MMNy:...-.-/yNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM MMy..ymd-.:Mm::-:osyo-..-mMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM MM:..---.:dM/..+NNyyMN/..:MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM Mm../dds.-oy.-.dMh--mMds++MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM My:::::/ydMmo..-hMMMmo//omMs/+Mm+++++shNMN+//+//+oMNy+///ohM MMMs//yMNo+hMh---m:-:hy+sMN..+Mo..os+.-:Ny--ossssdN-.:yyo+mM... Read More
UK Government ponders major changes to ransomware response – what you need to know
The British Government is proposing sweeping change in its approach to ransomware attacks, proposing mandatory reporting by victims and licensing regime for all payments. Read...
A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass
A vulnerability has been discovered in GitHub Enterprise Server (GHES), which could allow for authentication bypass. GHES is a popular platform for software developers. Organizations...
USN-6785-1: GNOME Remote Desktop vulnerability
Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information,...
Cybercriminals Exploit Cloud Storage For SMS Phishing Scams
According to Enea, these campaigns use cloud storage platforms to host malicious websites, sending links via SMS to bypass firewalls Read More
Indian Election Faces Cyber-Attacks, Data Leaks on Dark Web
Resecurity reported a 300% spike in cyber-attacks post-#OpIsrael, intensifying since #OpIndia last year Read More
10 years in prison for $4.5 million BEC scammer who bought Ferrari to launder money
A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business...
USN-6784-1: cJSON vulnerabilities
It was discovered that cJSON incorrectly handled certain input. An attacker could possibly use this issue to cause cJSON to crash, resulting in a denial...
NVD Leaves Exploited Vulnerabilities Unchecked
Over half of CISA’s known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NIST’s National Vulnerability Database Read More