Hot Topics

Application Security

How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains?

How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains?

| | CVE-2024-27198, cyber attacks, Cyber awareness, Cyber Security, Network Security, Penetration Testing, pentesting, VAPT, Vulnerabilities
CVE-2024-27198 Lead to Server Takeover Vulnerabilities The post How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains? appeared first on Kratikal Blogs ...
Kratikal Blogs

Introducing Ruzzy, a coverage-guided Ruby fuzzer

| | Application Security, fuzzing, Tool Release
By Matt Schwager Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input ...
Trail of Bits Blog
CNAP, severless architecture, itte Broadcom report cloud security threat

Checkmarx Aligns With Wiz to Improve Application Security

| | Checkmarx, Cloud Security, cloud workload protection, cnapp, Wiz
Checkmarx has integrated its platform for securing application development environments with Wiz's CNAPP ...
Security Boulevard
SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery 

SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery 

| | Blog, Cybersecurity, Penetration Testing, pentesting, SCCM, Security Research, Threat & Attack Simulation, Vulnerability Management & Penetration Testing
Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account […] ...
The Guiding Point | GuidePoint Security
Scary skeletons

Telegram Privacy Nightmare: Don’t Opt In to P2PL

| | 2-step verification, 2fa, 2FA apps, 2FA bypass, 2FA Flaws, 2FA/MFA, Access control and Identity Management, Cloud MFA, digital identity verification, iam, ID verification, MFA, , mfasecurity, Multi-Factor Authentication (MFA), P2P, SB Blogwatch, SMS, SMS messages, SMS Toll Fraud, Telegram, Telegram app, two-factor-authentication.2fa, Verify 2FA
Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service ...
Security Boulevard

ChatGPT Plugin Security Vulnerabilities Exploited By Hackers

| | AI Assistants, ChatGPT, Cyber Threats, Cybersecurity, Cybersecurity News, Data breaches, digital security, Encryption Protocols, Hackers, OAuth Workflow, Penetration Testing, Plugin Security, security measures, side-channel attacks, Vulnerabilities, Zero-click Attacks
In the realm of cybersecurity, constant vigilance is paramount as threat actors perpetually seek novel ways to exploit vulnerabilities. Recent research has shed light on a concerning trend: the potential misuse of ...
TuxCare

Linux Kernel 6.8 Released: New Features and Hardware Support

| | AppArmor, KernelCare Enterprise, Linear Address Masking, Linux & Open Source News, linux distros, Linux kernel, linux kernel 6.8, Linux Kernel features, linux kernel patching, Linux Kernel Release Candidate, Linux Kernel Security, linux kernel updates, linux live patching, linux systems, live patching, open source
Linus Torvalds recently announced the release of Linux kernel 6.8, the latest stable version of the Linux kernel. This update brings a plethora of new features and improvements, making it a significant ...
TuxCare
A green worm on a juicy red apple

Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys

| | Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iOS, Apple iPad, ARM, cache, dmp, GoFetch, iPad, M1, M2, M3, Macintosh, macos, SB Blogwatch
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ...
Security Boulevard
AppSec, AI, API app Google application security AppSec

Application Security for Dummies: The Only Way Forward

| | Application Security, Cybersecurity, Security Usability, User-Friendly Security, ux-design
To improve application security, we must make security so stupid that anyone can do it, and that applies up and down the stack ...
Security Boulevard
Workshop: Custom Security Tests for API Security

Workshop “How to write custom security tests” – Main Takeaways

| | API security, Application Security, Workshop
Discover the main takeaways from our latest workshop on how to write custom security tests for API security ...
Escape - The API Security Blog
Load more