Blog
RCE Vulnerability in Atlassian Bamboo Data Center and Server
This flaw, present in versions 9.1.0 through 9.6.0, allows authenticated attackers to execute arbitrary code within the Bamboo environment, posing risks to confidentiality, integrity, and availability.
Spring Security Flaw Leaves Applications Open to Unauthorized Access
A high-severity vulnerability (CVE-2024-38810) has been discovered in Spring Security, potentially allowing unauthorized access to sensitive data within affected applications. The vulnerability impacts Spring Security versions 6.3.0 and 6.3.1.
Rising Abuse of URL Rewriting in Phishing
The abuse of URL rewriting in phishing attacks has emerged as a new trend, allowing threat actors to hide malicious links behind trusted domains of security vendors. Exploiting these features enables bypassing detection mechanisms.
CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware. The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope...
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the...
Czech Mobile Users Targeted in New Banking Credential Theft Scheme
Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB),...
Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys
As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of...
Africa’s Economies Feel Pain of Cybersecurity Deficit
Cybercrime is a growing threat to Africa's economies, hindering their progress despite rapid GDP growth. The continent faces challenges like digital illiteracy and a shortage of cybersecurity professionals.
Africa’s Economies Feel Pain of Cybersecurity Deficit
Cybercrime is a growing threat to Africa's economies, hindering their progress despite rapid GDP growth. The continent faces challenges like digital illiteracy and a shortage of cybersecurity professionals.
Africa’s Economies Feel Pain of Cybersecurity Deficit
Cybercrime is a growing threat to Africa's economies, hindering their progress despite rapid GDP growth. The continent faces challenges like digital illiteracy and a shortage of cybersecurity professionals.
FREE GUIDE