Vulnerability

Phantom Speculation and Training in Transient Execution are two novel techniques that have been identified to leak arbitrary information from all modern CPUs. A new technique called "Inception" has emerged from the combination of these...

The top 5 security vulnerabilities for 2023 have been revealed by a recent study, with Apache and OpenSSH services being the most vulnerable. MOVEit and Barracuda Networks' attacks on the email supply chain have had...

SAP has released patches for 16 vulnerabilities with Critical, High, Medium, and Low severities. The CVSS scores for these vulnerabilities are between 3.7 (Low) to 9.8 (Critical) which contributes to 1 Critical, 6 High,...

According to reports, the threat group known as “Nobelium” who were responsible for the SolarWinds attacks is now discovered to be targeting Microsoft tenants through the new Cross-Tenant Synchronisation (CTS) feature introduced by Microsoft. CTS...

Using fake certificates, attackers gain unauthorized access to corporate network resources.  Attackers use such certificates to trick the Key Distribution Center (KDC) to get into the target company's network. Shadow Credentials are an example of such...

There is a critical vulnerability in Ivanti's MobileIron Core 11.2 version that could allow a malicious actor to gain unauthorized access to restricted functions. MobileIron core is a product of Ivanti that allows users to...

QNAP operating systems are robust, user-friendly software platforms that power NAS and NVR devices. QNAP offers four operating systems, and here below we have mentioned them:- QTS QuTS hero QuTScloud QES Since the wide use of its operating systems...

Exfiltration of data from disposed electronic devices has been one of the various techniques used by threat actors for stealing sensitive information about an organization. This information is then used to gain unauthorized access...

Trust Wallet made a significant announcement on November 14th, 2022, unveiling its newly launched browser extension for wide usage. The browser extension grants direct access to digital assets on multiple blockchains, a highly anticipated complement...

An Open-redirect vulnerability was discovered by IBM, which could allow threat actors to spoof the original URL of IBM Security Verify Access to lure victims into a malicious website and steal sensitive information. IBM Security...