Shocking SQL Injection in TSA App & Bitcoin ATM Scams Targeting Seniors

Shocking SQL Injection in TSA App, Bitcoin ATM Scams Targeting Seniors

This week, we discuss a critical SQL injection vulnerability discovered in an app used by the TSA, raising ethical questions about responsible disclosure. Plus, we shed light on the alarming rise of ...

SQL Injection Attack on Airport Security

Interesting vulnerability: …a special lane at airport security called Known Crewmember (KCM). KCM is a TSA program that allows pilots and flight attendants to bypass security screening, even when flying on domestic ...

LayerSlider Plugin Flaw Exposes 1M Sites To SQL Injections

Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQL attacks and infections. If exploited, the flaw allows users ...

CISA and FBI Issue Alert on SQL Injection Vulnerabilities

SQL injection vulnerabilities, often abbreviated as SQLi, persist as a significant issue in commercial software products. In response to a recent highly publicized malicious campaign exploiting SQLi vulnerabilities in a managed file ...
Getting rid of a 20+ year old known vulnerability: It’s like a PSA for Runtime Security

Getting rid of a 20+ year old known vulnerability: It’s like a PSA for Runtime Security

On Wednesday, March 27, CISA and the FBI issued a cry for help: We need to stamp out SQL injection vulnerabilities, and we need to do it yesterday, they said in a ...

Nagios XI Network Monitoring Software Flaws Exposed

A number of Nagios XI network monitoring software flaws have recently been discovered. These flaws have the potential to result in privilege escalation and data disclosure. Nagios XI is a popular monitoring ...
WAF cybersecurity limitations and alternatives | Contrast Security

WAF cybersecurity limitations and alternatives | Contrast Security

Why WAFs leave you adrift in the treacherous waters of cybersecurity In the ever-shifting currents of the cybersecurity ocean, debates about the relevance and effectiveness of various defense mechanisms continue to surface, ...

The Dark Side of Web Development: Why You Should Be Prioritizing Shadow Code

In the fast-paced world of web development, staying ahead of the curve is paramount, as developers are frequently under pressure to deliver products and functionalities quickly and efficiently. To meet accelerated timelines, ...
MOVEit supply chain cloud security manufacturing remote

MOVEit Attack Strikes US and State Governments

A global attack campaign fueled by a vulnerability in MOVEit Transfer, a popular file transfer application, has now struck the U.S. Department of Energy, several other U.S. agencies and a spate of ...
Security Boulevard