YouTube video by dj.scottv

The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances.

Attackers are using realistic-looking 1Password emails to trick users into handing over their vault logins.

GreyNoise detects 500% spike in Palo Alto login scans, linking it to recent Cisco ASA exploit trends.

A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month.

Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports (CERs) leaked on their data leak site.

In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119, and 9.2.2406.122, an unauthenticated attacker could trigger a ...

Explore this post and more from the cybersecurity community

Cyber experts are discovering that low-tech ploys and the minutiae of human life can be some of the best weapons against the all-digital impostor.

With no workaround available, Apple advises all users to install iOS 16.7.12 and iPadOS 16.7.12 without delay.

Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials.

Introduction: In the dynamic field of cybersecurity, proficiency with command-line tools is not just an advantage—it's a necessity. From penetration testing to system hardening, the ability to swiftly interrogate systems, networks, and applications forms the bedrock of effective security practices. This guide consolidates critical commands across major platforms to equip both trainees and seasoned professionals with a verified arsenal. Learning Objectives:

YouTube video by dj.scottv

Abusing Windows file names that exceed 260 characters to bypass the EDR's sample collection tool by the pentester. Redteam trick

Explore this post and more from the cybersecurity community

YouTube video by dj.scottv

The identities of confidential court informants are feared compromised in a series of breaches across multiple U.S. states.

Help desk workers from the IT services company Cognizant were directly responsible for an August 2023 cyberattack that disrupted operations at the Clorox Company, the cleaning products giant alleges i...

Discover Sygnia’s investigation into Fire Ant, an advanced cyber-espionage campaign breaching VMware ESXi, vCenter, and network appliances. Learn how the attackers bypassed traditional defenses with h...

Explore this post and more from the cybersecurity community

Huawei will manage and store judicially authorized wiretaps in Spain, under a contract that bucks the trend of Western governments restricting use of the Chinese tech company's products and services.