Pacosite's Blog

Comunicaciones, Linux, Tecnología e Internet

Beware bogus Betas – cryptocoin scammers abuse Apple’s TestFlight system

Posted on March 16, 2022 by Frank Cisco

“Install this moneymaking app” – this one is so special that it isn’t available on Google Play or the App Store!

from Naked Security https://ift.tt/iPruJlj
via IFTTT

Would ‘Cyber Geneva Conventions’ Defuse Online Aggression?

Posted on March 16, 2022 by Frank Cisco

International treaties could force nation-states to police bad actors within their borders to avoid penalties.

from Dark Reading https://ift.tt/DBAq1ru
via IFTTT

How Should My Security Analyst Use the MITRE ATT&CK Framework?

Posted on March 16, 2022 by Frank Cisco

As a curated knowledgebase for adversary behavior, the MITRE ATT&CK framework can guide defenders on how to conduct an investigation and the order of things to look for.

from Dark Reading https://ift.tt/qRvxyMs
via IFTTT

What Kind Of Security Tools Should I Provide My Developers?

Posted on March 16, 2022 by Frank Cisco

Who says developers don’t care about security? Give them the tools to help them build security into their code.

from Dark Reading https://ift.tt/8VYECKB
via IFTTT

[remote] Apache APISIX 2.12.1 – Remote Code Execution (RCE)

Posted on March 16, 2022 by Frank Cisco

Apache APISIX 2.12.1 – Remote Code Execution (RCE)

from Exploit-DB.com RSS Feed https://ift.tt/1IJh0l2
via IFTTT

[webapps] Tiny File Manager 2.4.6 – Remote Code Execution (RCE)

Posted on March 16, 2022 by Frank Cisco

Tiny File Manager 2.4.6 – Remote Code Execution (RCE)

from Exploit-DB.com RSS Feed https://ift.tt/9V5nbuf
via IFTTT

[remote] Hikvision IP Camera – Backdoor

Posted on March 16, 2022 by Frank Cisco

Hikvision IP Camera – Backdoor

from Exploit-DB.com RSS Feed https://ift.tt/ih7Uvz9
via IFTTT

[webapps] Pluck CMS 4.7.16 – Remote Code Execution (RCE) (Authenticated)

Posted on March 16, 2022 by Frank Cisco

Pluck CMS 4.7.16 – Remote Code Execution (RCE) (Authenticated)

from Exploit-DB.com RSS Feed https://ift.tt/YsXVynm
via IFTTT

[webapps] Moodle 3.11.5 – SQLi (Authenticated)

Posted on March 16, 2022 by Frank Cisco

Moodle 3.11.5 – SQLi (Authenticated)

from Exploit-DB.com RSS Feed https://ift.tt/RkUpDl1
via IFTTT

“Russian actors bypass 2FA” story – what happened and how to avoid it

Posted on March 15, 2022 by Frank Cisco

The US Cybersecurity and Infrastructure Security Agency (CISA) has just put out a bulletin numbered AA22-074A, with the dramatic title Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability. To sidestep rumours based on the title alone (which some readers might interpret as an attack that is going […]

from Naked Security https://ift.tt/isj1O6h
via IFTTT

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31