Vulnerabilities
Security Vulnerability in Saflok’s RFID-Based Keycard Locks
It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security ...
How Malware Facilitates Online Financial Fraud and Threatens Corporate Security
Malware stands as a formidable tool in the arsenal of cybercriminals, facilitating online financial fraud with alarming efficiency and sophistication. This malicious software, designed to damage or disable computers, now targets the ...
ChatGPT Plugin Security Vulnerabilities Exploited By Hackers
In the realm of cybersecurity, constant vigilance is paramount as threat actors perpetually seek novel ways to exploit vulnerabilities. Recent research has shed light on a concerning trend: the potential misuse of ...
China Steals Defense Secrets ‘on Industrial Scale’
UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic ...
VulnCheck’s Free Community KEV & CVE APIs (Code & Golang CLI Utility)
VulnCheck has some new, free API endpoints for the cybersecurity community. Two extremely useful ones are for their extended version of CISA’s KEV, and an in-situ replacement for NVD’s sad excuse for ...
Unsafelok Threat Highlights It’s About Both IoT Devices and Applications
IoT devices and applications exist all over the place, and in high volume. Today’s news brought yet another example of how the scale of IoT systems leads to the conclusion that their ...
Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ...
EPA and White House Raise Alarm on Water Cybersecurity
Iran and China fingered: Biden admin. chides governors: Water infra. lacks “even basic cybersecurity precautions.” ...
How Real-Time Personal Cybersecurity Incident Response Mitigates Lateral Attacks for Corporate Executives
The cybersecurity landscape is more volatile and complex than ever before. Corporate executives, often targeted due to their high-profile positions and access to sensitive information, find themselves at the forefront of cyber ...
CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical JetBrains TeamCity vulnerability, emphasizing the urgent need for users to take preventive measures. The recently discovered flaw has been added ...