Wednesday, December 25, 2024

Vulnerability Analysis

Over 60,000 Online Exchange Servers Unpatched for RCE Vulnerability ProxyNotShell

One of the two security flaws targeted by ProxyNotShell exploits, CVE-2022-41082 RCE vulnerability, has not been patched on more than 60,000 Microsoft Exchange servers,...

Google Home Smart Speaker Flaw Let Attackers Spy on User Conversations

The Google Home smart speaker was hacked recently by a security analyst (Matt Kunze) who found that there is a flaw that could allow...

A New Linux Flaw Lets Attackers Gain Full Root Privilege

The Threat Research Unit at Qualys’ has revealed how a new Linux flaw tracked as (CVE-2022-3328),  may be combined with two other, seemingly insignificant...

High-Severity RCE Bug in F5 Products Let Attackers Hack the Complete Systems

Experts from Rapid7 observed a customized CentOS installation operating on F5 BIG-IP and BIG-IQ devices found to have various vulnerabilities. While the other flaws are...

JSRAT – Secret Command & Control Channel Backdoor to Control Victims Machine Using JavaScript

JsRat is python based script developed to backdoor victim machine using JavaScript payloads and the HTTP protocol for communication between the server and the target...

Benefits of Vulnerability Assessment – A Detailed Guide

We all know that vulnerability assessment is very important nowadays, and that's why most of the companies use this assessment. Whether the company is...

Cisco Released Security Updates for 2 Vulnerabilities that allows Hackers to Compromise Cisco Wireless Routers

Cisco released security updates for 2 severe vulnerabilities that affected Cisco wireless VPN, Firewall and Cisco Webex Meetings Desktop App.First one is a...

Inviteflood- Tool Used to Perform DOS Attack on VOIP Network

Inviteflood is a tool to perform SIP/SDP INVITE message flooding over UDP/IP to perform DOS Attack. This tool can be utilized to flood a target with...