Vulnerabilities

Hacking with MagicDots: Exploiting Dots & Spaces in Filenames/Pathnames for Permanent Admin Rights

On: April 22, 2024

In: Data Security, Forensics, Vulnerabilities

In a recent study conducted by SafeBreach Labs, a security research team has uncovered a trio of vulnerabilities stemming from a longstanding issue within the DOS-to-NT path conversion process usedRead More →

Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497

On: April 16, 2024

In: Data Security, Vulnerabilities

CVE-2024-31497 has emerged as a critical security flaw affecting PuTTY, a widely used SSH and Telnet client, from versions 0.68 through 0.80, all of which are now confirmed to haveRead More →

How to hack a LG Smart TV via vulnerabilities in LG WebOS?

On: April 9, 2024

In: Data Security, Vulnerabilities

In a recent disclosure, cybersecurity firm Bitdefender has revealed a series of critical vulnerabilities within LG’s WebOS, the operating system used in many of the brand’s smart TVs. These vulnerabilities,Read More →

How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps

On: April 2, 2024

In: Data Security, Reverse Engineering Tools, Vulnerabilities, Vulnerability Scanners, Web Exploitation, Web Scanners

In an unsettling development that emerged late last week, the open-source community was thrust into a state of high alert following the disclosure that XZ Utils, a fundamental compression utilityRead More →

CVE-2023-5528: Kubernetes Flaw Jeopardizing Windows Node That Can’t Be Ignored

On: March 14, 2024

In: Data Security, Vulnerabilities

In recent developments, cybersecurity experts have raised alarms over a high-severity vulnerability identified in Kubernetes, marked as CVE-2023-5528. This critical flaw has the potential to allow attackers to execute arbitraryRead More →

Hacking Debian, Ubuntu, Redhat& Fedora servers using a single vulnerability in 2024

On: February 1, 2024

In: Data Security, Vulnerabilities

The recent discovery of a significant flaw in the GNU C Library (glibc), a fundamental component of major Linux distributions, has raised serious security concerns. This flaw grants attackers rootRead More →

Exploit code: How the New Jenkins Vulnerability Could Compromise Your Data

On: January 29, 2024

In: Data Security, Vulnerabilities

Recent news about a critical vulnerability in Jenkins, identified as CVE-2024-23897, has raised significant concerns in the cybersecurity community. This vulnerability has been highlighted due to the publication of aRead More →

How to steal Windows password via Outlook email exploiting vulnerabilities in Windows Performance Analyzer (WPA) and File Explorer

On: January 22, 2024

In: Data Security, Forensics, Vulnerabilities

Varonis Threat Labs has uncovered a significant vulnerability in Microsoft Outlook (CVE-2023-35636) that allows attackers to access NTLM v2 hashed passwords. This discovery also includes vulnerabilities in Windows Performance AnalyzerRead More →

How to hack Google Kubernetes Engine (GKE)? Securing against GKE threats

On: December 28, 2023

In: Important, Vulnerabilities

A recent investigation by Unit 42 of Palo Alto Networks has uncovered a dual privilege escalation chain in Google Kubernetes Engine (GKE). This vulnerability, stemming from specific configurations in GKE’sRead More →

Silent Email Attack CVE-2023-35628 : How to Hack Without an Email Click in Outlook

On: December 15, 2023

In: Data Security, Tutorials, Vulnerabilities

CVE-2023-35628 is a critical remote code execution (RCE) vulnerability affecting the Microsoft Windows MSHTML platform, with a Common Vulnerability Scoring System (CVSS) score of 8.1, indicating a high level ofRead More →

Vulnerabilities

Hacking with MagicDots: Exploiting Dots & Spaces in Filenames/Pathnames for Permanent Admin Rights

Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497

How to hack a LG Smart TV via vulnerabilities in LG WebOS?

How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps

CVE-2023-5528: Kubernetes Flaw Jeopardizing Windows Node That Can’t Be Ignored

Hacking Debian, Ubuntu, Redhat& Fedora servers using a single vulnerability in 2024

Exploit code: How the New Jenkins Vulnerability Could Compromise Your Data

How to steal Windows password via Outlook email exploiting vulnerabilities in Windows Performance Analyzer (WPA) and File Explorer

How to hack Google Kubernetes Engine (GKE)? Securing against GKE threats

Silent Email Attack CVE-2023-35628 : How to Hack Without an Email Click in Outlook

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Hacking with MagicDots: Exploiting Dots & Spaces in Filenames/Pathnames for Permanent Admin Rights

Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497

How to hack a LG Smart TV via vulnerabilities in LG WebOS?

How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps

CVE-2023-5528: Kubernetes Flaw Jeopardizing Windows Node That Can’t Be Ignored

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

The API Security Checklist: 10 strategies to keep API integrations secure

11 ways of hacking into ChatGpt like Generative AI systems

How to send spoof emails from domains that have SPF and DKIM protections?

Silent Email Attack CVE-2023-35628 : How to Hack Without an Email Click in Outlook

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

Is Your etcd an Open Door for Cyber Attacks? How to Secure Your Kubernetes Clusters & Nodes

CVSS 4.0 Explained: From Complexity to Clarity in Vulnerability Assessment

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

How to exploit Windows Defender Antivirus to infect a device with malware

Inside the Scam: How Ransomware Gangs Fool You with Data Deletion Lies!

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

How hrserver.dll stealthy webshell can mimic Google’s Web Traffic to hide and compromise networks

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]