News

Critical PHP Remote File Inclusion Vulnerability Discovered in Hide My WP Ghost Plugin (CVE-2025-26909)

News

Critical PHP Remote File Inclusion Vulnerability Discovered in Hide My WP Ghost Plugin (CVE-2025-26909)

A critical vulnerability (CVE-2025-26909) has been identified in the Hide My WP Ghost WordPress plugin, affecting over...

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

News

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Reports indicate that a prominent Indonesian educational technology platform may have been the target of a cybersecurity...

Strengthening Defenses Against Identity-Based Cyber Attacks

News

Strengthening Defenses Against Identity-Based Cyber Attacks

Identity-based attacks remain one of the most pervasive threats in cybersecurity, leveraging stolen or compromised credentials to...

NIST SP 800-82r3: Strengthening OT Security with Dragos and NP-View Integration

News

NIST SP 800-82r3: Strengthening OT Security with Dragos and NP-View Integration

The latest revision of NIST SP 800-82 (r3) provides critical guidance for securing Operational Technology (OT) systems,...

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

News

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

Join us for an engaging series of book talks in March 2024 featuring discussions on Chasing Shadows,...

Active Directory Security: Detecting and Mitigating WriteOwner Permission Abuse

News

Active Directory Security: Detecting and Mitigating WriteOwner Permission Abuse

Misconfigured WriteOwner permissions in Active Directory can enable attackers to take ownership of critical objects, bypass security...

Active Directory Security Risk: Exploiting AddSelf Permissions for Privilege Escalation

News

Active Directory Security Risk: Exploiting AddSelf Permissions for Privilege Escalation

A critical misconfiguration in Active Directory’s Discretionary Access Control Lists (DACLs) allows attackers to abuse the AddSelf...

Credential Dumping via Active Directory User Comments: Risks and Mitigations

News

Credential Dumping via Active Directory User Comments: Risks and Mitigations

Active Directory (AD) credential dumping remains a significant threat, with attackers increasingly exploiting overlooked attributes like user...

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

News

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Network traffic analysis often reveals hidden artifacts, including images transferred over HTTP. These images can contain valuable...

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

News

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

Security teams at enterprise organizations can leverage Shodan’s command-line interface (CLI) to enhance external threat intelligence gathering....

How to Use CSPLIT for Efficient Log Management in Security Operations

News

How to Use CSPLIT for Efficient Log Management in Security Operations

Security professionals often deal with large log files that can be cumbersome to analyze. The csplit utility...

Understanding PUA.Win64.ProcHack.AC: A Low-Risk Windows PUA Security Teams Should Monitor

News

Understanding PUA.Win64.ProcHack.AC: A Low-Risk Windows PUA Security Teams Should Monitor

Security teams should be aware of PUA.Win64.ProcHack.AC, a Potentially Unwanted Application (PUA) targeting Windows systems that represents...

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

News

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Trojan.Win64.COMBACKER.YABA-A represents a persistent though low-risk threat to Windows systems, first identified in January 2021 by Trend...

Trojan.MacOS.SLISP.A: Analyzing the Stealthy macOS Threat Targeting Sensitive Data

News

Trojan.MacOS.SLISP.A: Analyzing the Stealthy macOS Threat Targeting Sensitive Data

Trojan.MacOS.SLISP.A (also known as SilverSparrow) represents a sophisticated macOS threat with concerning data exfiltration capabilities. First identified...

Ransom.MSIL.CHAOS.A: Analyzing the Low-Prevalence but High-Impact Ransomware Threat

News

Ransom.MSIL.CHAOS.A: Analyzing the Low-Prevalence but High-Impact Ransomware Threat

Security teams should be aware of Ransom.MSIL.CHAOS.A, a Windows-specific ransomware strain demonstrating high damage potential despite its...

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

News

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

Security researchers have uncovered a new campaign targeting misconfigured Docker Remote API servers, where attackers deploy the...

PIP-INTEL: The Python-Powered OSINT Tool for Cybersecurity Teams

News

PIP-INTEL: The Python-Powered OSINT Tool for Cybersecurity Teams

PIP-INTEL is a Python-based Open Source Intelligence (OSINT) tool designed to streamline reconnaissance and threat intelligence workflows...

Extrude: Open-Source Binary Analysis Tool for Security Teams

News

Extrude: Open-Source Binary Analysis Tool for Security Teams

Security teams now have access to a powerful new open-source tool for analyzing binary security posture. Extrude...

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

News

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

VulnNodeApp serves as an intentionally vulnerable Node.js application specifically designed for security education and training purposes. This...

Web Application Penetration Testing: Key Methodologies and Tools for Enterprise Security

News

Web Application Penetration Testing: Key Methodologies and Tools for Enterprise Security

In today’s digital landscape where web applications form the core of business operations, penetration testing has become...

Posts pagination

Previous 1 2 3 Next

News

Critical PHP Remote File Inclusion Vulnerability Discovered in Hide My WP Ghost Plugin (CVE-2025-26909)

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Strengthening Defenses Against Identity-Based Cyber Attacks

NIST SP 800-82r3: Strengthening OT Security with Dragos and NP-View Integration

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

Active Directory Security: Detecting and Mitigating WriteOwner Permission Abuse

Active Directory Security Risk: Exploiting AddSelf Permissions for Privilege Escalation

Credential Dumping via Active Directory User Comments: Risks and Mitigations

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

How to Use CSPLIT for Efficient Log Management in Security Operations

Understanding PUA.Win64.ProcHack.AC: A Low-Risk Windows PUA Security Teams Should Monitor

Trojan.Win64.COMBACKER.YABA-A: Analyzing the Persistent Low-Risk Threat to Windows Systems

Trojan.MacOS.SLISP.A: Analyzing the Stealthy macOS Threat Targeting Sensitive Data

Ransom.MSIL.CHAOS.A: Analyzing the Low-Prevalence but High-Impact Ransomware Threat

Docker Remote API Servers Targeted by perfctl Malware in New Attack Wave

PIP-INTEL: The Python-Powered OSINT Tool for Cybersecurity Teams

Extrude: Open-Source Binary Analysis Tool for Security Teams

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

Web Application Penetration Testing: Key Methodologies and Tools for Enterprise Security

You may have missed

How Intezer’s AI SOC Balances Automation with Human Expertise

How Security Platformization Improves Threat Response and Operational Efficiency

World Backup Day: Essential Strategies for Enterprise Data Protection

Tax Season Cyberfraud Alert: Hacienda Impersonation Campaigns Target Rental Declarations