Latest

Cyber Daily 11/21: EPA Warns of Water Utility Cyber Vulnerabilities, Indian Govt. Alerts Chrome Bug, VMware VCenter Under Attack, Ubuntu Server Flaws Exposed, Apple and Android Users Urged to Update

Welcome to the ONSEC Cyber Daily for November 21st. Today's issue is packed with critical updates and warnings from across the globe. We kick off with a warning from the EPA about cybersecurity vulnerabilities in water utilities, affecting millions of customers. Meanwhile, the Indian government's cybersecurity

Cyber Daily 11/20: Google's 20-Year-Old Flaw, Apple's Zero-Day Attack, Vulnerable Water Utilities, Oracle's Agile PLM Exploited

Welcome to the ONSEC Cyber Daily for November 20th. Today, we're diving into a whirlwind of cyber threats and vulnerabilities that have been making headlines. First up, Google has confirmed a critical 20-year-old security flaw, which it's addressing using a new Fuzzy AI. This AI-powered fuzzing

Cyber Daily 11/19: Ionix's Cloud Exposure Validator, PTA's PHP Vulnerability Alert, VMware and Palo Alto's Critical Flaws, Czech Banks on Cyber Alert

Welcome to the ONSEC Cyber Daily for November 19th, 2024. Today's issue is packed with critical updates and insights on the ever-evolving cybersecurity landscape. Ionix has unveiled a new tool to streamline cloud security alert management, while the PTA has issued a cyber alert over a critical PHP

Cyber Daily 11/18: Palo Alto's Zero-Day Firewall Bug, Hong Kong's Cybersecurity Drill, Arkansas' Cyber Insurance Need, Five Eyes Alliance's Top Vulnerabilities, MSSP Market Update, NCSC's Black Friday Warning

Welcome to your ONSEC Cyber Daily dose for November 18th. Today, we're diving into the world of cybersecurity, where the stakes are high and the threats are ever-evolving. Palo Alto Networks is in the spotlight, patching a critical zero-day firewall bug and dealing with two more bugs in

Cyber Daily 11/16: Microsoft Halts Security Updates, DEEPDATA Malware Targets Fortinet, GeoVision Devices Exploited by Botnet, Palo Alto Faces Multiple Exploits

Welcome to the ONSEC Cyber Daily, your daily dose of cybersecurity news and updates. Today, we're diving into a series of critical developments that have been making waves in the cybersecurity landscape. First up, Microsoft has hit pause on its November 2024 Exchange Security Updates due to email

Cyber Daily 11/15: US EPA Flags Cybersecurity Risks in Water Systems, CISA Reports Rising Zero-Days, Vietnam Strengthens Cybersecurity with CISA, Palo Alto and Cisco Face Critical Vulnerabilities

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into a recent US EPA report that highlights significant cybersecurity flaws in our drinking water systems, raising concerns about potential disruptions and public health risks. We'll also be

Cyber Daily 11/14: UK, Five Eyes Warn of Rising Zero-Day Exploits, CyberFirst at Kunoichi Games, Microsoft Patches CVE-2024-43451, D-Link Refuses to Patch Older Modems

Welcome to today's issue of ONSEC Cyber Daily! As we navigate the ever-evolving cyber landscape, we're seeing a significant shift in cyber attackers exploiting zero-day vulnerabilities. The UK and its allies have issued a stark warning, with the Five Eyes cybersecurity agencies reporting a notable increase

Cyber Daily 11/13: Microsoft's Patch Tuesday Fixes 91 Flaws, Zero-Day Cyberattacks Surge, Chrome Warns 3.2B Users, UK and Allies Highlight Cyber Vulnerabilities

Welcome to the ONSEC Cyber Daily for November 13th. Today, we're diving into a whirlwind of cybersecurity updates that have been making waves across the globe. From the surge in 'zero-day' cyberattacks warned by the Feds to the critical vulnerabilities actively exploited, the cyber landscape is

Cyber Daily 11/12: CISA, FBI, NSA Warn of Top 2023 Exploits, Germany on High Alert, Mazda's Vulnerability, Apple and Google Chrome Users at Risk, Critical WordPress and PAN-OS Vulnerabilities, Patch Updates for SAP, HPE, Dell, and Veeam

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a whirlwind of cybersecurity alerts and vulnerabilities that have been making headlines. The CISA, FBI, NSA, and International Partners have released a joint advisory on the top routinely exploited vulnerabilities of 2023. This comes as Germany's

Cyber Daily 11/11: CISA Alerts on Critical CVE-2024-8934, SEO Poisoning Threatens Google Users, Oracle WebLogic and PAN-OS Vulnerabilities, Patch Tuesday Forecast

Welcome to your ONSEC Cyber Daily dose for 11/11. Today, we're diving into a whirlwind of cybersecurity alerts and vulnerabilities that are making waves across the globe. First up, we're looking at the urgent alert issued by CISA regarding the critical vulnerability CVE-2024-8934 threatening our

Cyber Daily 11/9: Critical Google Chrome Alert, Indian Govt Warning, HPE and Palo Alto Vulnerabilities, CISA Warnings, Cisco and Android Flaws, Oracle and Dell Patches

Good morning, ONSEC Cyber Daily readers! Today, we're diving into a flurry of critical alerts and warnings that have been issued by various cybersecurity agencies worldwide. First up, Google Chrome users, you're on high alert! The government has issued a severe warning about vulnerabilities that could

Cyber Daily 11/8: Google's LLM Fixes Database Bug, CISA Alerts on Palo Alto's Active Exploit, Cybersecurity Earnings Dip, Cisco's Wireless Devices Vulnerable

Welcome to the ONSEC Cyber Daily ! Today, we're diving into the world of cybersecurity, where vulnerabilities are being discovered and patched at a rapid pace. Google's LLM Agent has found and fixed a real-world bug in a popular database, demonstrating the power of AI in combating

Cyber Daily 11/7: Google and Cisco Patch Critical Vulnerabilities, Open Redirect Attacks Exploited, Sports Sector Cyber Vulnerability, Cybersecurity in Healthcare and Elections

Welcome to the November 7th issue of ONSEC Cyber Daily. Today, we're diving into the murky waters of open redirect attacks, a versatile tool that cybercriminals are using to scale their attacks. We'll also explore the potential cyber vulnerabilities in the sports sector, particularly among volunteers.

Cyber Daily 11/6: Google Patches Android Zero-Days, FBI Warns of Email Takeovers, AI Revolutionizes Cybersecurity, Unpatched Synology Devices at Risk

Welcome to the ONSEC Cyber Daily! Today, we're diving into the world of Android vulnerabilities, with Google patching two zero-day vulnerabilities that have been exploited in targeted attacks. The FBI has issued a warning about cybercriminals taking over email accounts via stolen session cookies, highlighting the importance of

Cyber Daily 11/5: Google's AI Discovers Vulnerability, CISA Alerts on PTZOptics Cameras & Rockwell Systems, Samsung & Google Patch Android Flaws, Nigerian Phishing Scam, Russian Disinformation Campaign

Welcome to the latest issue of ONSEC Cyber Daily, your one-stop source for the most impactful cybersecurity news. Today, we're diving into a groundbreaking discovery by Google's Project Zero and DeepMind, who have uncovered their first real-world vulnerability using a large language model. This marks a

Cyber Daily 11/4: American Water Cyberattack, SharePoint Flaw Threatens Networks, Nigerian Phishing Scam Conviction, Synology NAS Vulnerability, Russian Disinformation Campaign

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest cybersecurity news. Today, we're diving into the recent cyberattack on American Water, highlighting the vulnerabilities that continue to plague critical infrastructure sectors. We're also discussing the SharePoint flaw that's putting entire corporate

Cyber Daily 11/2: Georgia Fights Russian Disinformation, 60% of Election Sites Vulnerable, India Warns Chrome Users, EU's New Cybersecurity Obligations

Welcome to the ONSEC Cyber Daily, your daily dose of the most impactful cybersecurity news. Today, we're diving into the ongoing battle against election disinformation, with Georgia's Secretary of State pushing for the removal of Russian disinformation from social media. We're also looking at

Cyber Daily 11/1: MFA Vulnerability Exposes Credit Card Data, Sri Lanka CERT Warns of Cybercrime Surge, CISA and NIST Update on AI Cyberattacks

Welcome to the November 1st issue of ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into a range of critical vulnerabilities and patches, from an MFA website vulnerability that puts credit card data at risk, to a surge in cybercrime in

Cyber Daily 10/31: Fortinet Discloses More Malicious IPs, CISA Updates Manufacturing Software Guidance, AVTECH and Room Alert Support Cybersecurity, Microsoft SharePoint Vulnerability Exploited

Welcome to your ONSEC Cyber Daily newsletter for October 31st. Today, we're diving into a web of cyber threats and vulnerabilities that are keeping the cybersecurity world on its toes. Fortinet has discovered more malicious IPs linked to a widely exploited zero-day vulnerability, a serious threat that could

Cyber Daily 10/30: Quantum Computing Threat Looms, U.S. Water Sector at Risk, Instagram Vulnerability, Apple and Google Patch Major Flaws, AI Cyberattacks on the Rise

Welcome to ONSEC Cyber Daily! We're thrilled to introduce our new section: "Wisdom from the ONSEC Founders' Vault." Tap into the expertise of our founders with exclusive insights and strategies to stay ahead in cybersecurity. In today’s issue: * Quantum computing threatens encryption as criminals

Cyber Daily 10/29: Samsung's 24-Hour Update Deadline, CISA's Qualcomm Warning, Microsoft's Windows Kernel Exposed, Italian State Databases Breached

Welcome to today's issue of ONSEC Cyber Daily, where we bring you the most pressing cybersecurity news in one place. In a race against time, Samsung users are urged to update their phones within 24 hours due to a newly discovered vulnerability. The US cybersecurity agency, CISA, has

Cyber Daily 10/28: Belgium's Leonidas Project, Critical Infrastructure Cybersecurity, CISA and FBI Alert on XSS, Philips Smart Bulbs' IoT Vulnerabilities, Microsoft Windows High Risk Warning

Welcome to the ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. In today's issue, we delve into Belgium's Leonidas Project and its efforts to boost national cyber resilience, a critical initiative in a world where cyber threats are a constant buzz. We

Cyber Daily 10/26: Cloud Servers Cryptocurrency Schemes, Microsoft Windows Vulnerabilities, Samsung Security Issue, Cisco ASA Patch

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into a world where cloud servers are being exploited for secret cryptocurrency schemes, and open-source security solutions are rising as the heroes. We're also looking at the government's latest cybersecurity warnings about

Cyber Daily 10/25: Nvidia Security Alert for Gamers, Water Utilities Vulnerable Post-Pennsylvania Attack, FortiManager Devices Compromised, Virgin Media's Public Wi-Fi Warning

Welcome to the latest issue of ONSEC Cyber Daily, your one-stop source for the most impactful cybersecurity news. Today, we're diving into a critical security warning for 200 million Nvidia users, both Linux and Windows gamers alike. Veteran cybersecurity writer, Davey Winder, has highlighted an improper input validation

Cyber Daily 10/24: Russian Cyber Campaign Intensifies, Fortinet FortiManager Vulnerability Exploited, Cyberattacks on Spring Java Framework, Critical Alerts for Windows and Cisco Updates

Welcome to the ONSEC Cyber Daily for October 24th. Today, we're diving into the escalating cyber campaign by Russian Intelligence, as reported by the Kyiv Post. Western intelligence agencies are urging organizations worldwide to stay vigilant. In the UK, the National Cyber Security Centre (NCSC) is offering a

Cyber Daily 10/23: Zimbra, Stormshield Vulnerability Alert, Veeam Ransomware Exploits, VMware's Patching Crisis, Bitdefender's Critical Flaws, and Cybersecurity Podcast Insights

Welcome to the ONSEC Cyber Daily for October 23rd. Today, we're diving into a whirlwind of vulnerabilities, patches, and cyber threats that have been making waves in the cybersecurity world. We start with a critical vulnerability in the Postjournal Zimbra software suite, which has prompted a security alert

Cyber Daily 10/22: Veeam Ransomware Exploits, Sciencelogic Vulnerability Alert, FortiManager's Security Gap, VMware's vCenter Server Patch Snag

Welcome to the ONSEC Cyber Daily for October 22nd. Today, we're diving into a flurry of cybersecurity updates and vulnerabilities that have been making waves in the tech world. First up, we're looking at the critical Veeam CVE that's being actively exploited in ransomware

Cyber Daily 10/21: AI-Driven Attacks Surge, Gmail & Roundcube Users Alerted, Cyprus Cyberattack, Fortinet & Atlassian Patch Critical Vulnerabilities

Welcome to today's issue of ONSEC Cyber Daily, where we bring you the latest and most impactful cybersecurity news. In today's edition, we delve into the rising threat of AI-driven cyberattacks, with Forbes warning of 1,000 elite hackers now harnessing the power of AI. Meanwhile,

Cyber Daily 10/19: Microsoft's 10-Day Windows Update Deadline, American Water Cyberattack, Gen Z's Online Vulnerability

Welcome to the latest issue of ONSEC Cyber Daily. Today, we're sounding the alarm on a series of critical vulnerabilities and cyber threats that are making headlines. First up, Microsoft has issued a 10-day deadline for Windows users to update their systems or risk being unable to use

Cyber Daily 10/18: GitHub and Mozilla Firefox Vulnerabilities, US Indicts Russia's GRU Unit, Critical Patches for Kubernetes and VMware, Podcast Insights from CISO Rubrik

Welcome to your ONSEC Cyber Daily dose for October 18th. Today, we're diving deep into the world of cybersecurity, exploring the critical role of VAPT in fortifying our digital defenses. With over 72% of organizations worldwide falling victim to at least one ransomware attack, the need for robust

Cyber Daily 10/17: China's Intel Alert, India's Firefox Warning, Trend Micro Vulnerability, Patch Updates from Oracle, Cisco

Welcome to the latest issue of ONSEC Cyber Daily. Today, we're diving into a world where cybersecurity threats are escalating and vulnerabilities are being exploited. China's spy agency is sounding the alarm on growing cybersecurity threats, particularly highlighting the vulnerabilities in Intel chips. Meanwhile, India'

Cyber Daily 10/16: GitHub Patches Critical Flaw, Muah.ai Faces Extortion Threats, Russian Cyber Campaign Threatens UK

Good morning, ONSEC Cyber Daily readers! Today’s highlights include GitHub patching a critical Enterprise Server flaw to prevent unauthorized access and the Muah.ai breach exposing cyber vulnerabilities and leading to extortion threats. Organizations must also address exploited SolarWinds Web Help Desk vulnerabilities and stay alert to a new

Cyber Daily 10/15: High-Risk Android, Chrome Warnings, Veeam Exploits, muah.ai Breach, CERT-In Alerts, NSA on Russian Threats, GitLab Patches, AI Cybersecurity Podcasts

Hello ONSEC Cyber Daily readers! Today’s edition covers critical cybersecurity updates. CERT-In has issued a high-risk warning for Android devices and Google Chrome, highlighting vulnerabilities that could be exploited through malicious apps or websites. The National Cyber Security Centre also reports a rise in denial-of-service (DoS) attacks disrupting organizations.

ONSEC Cyber Daily 10/14: Critical Cyber Alerts: Android and Chrome Risks in India and Vietnam, Jamaica’s Vulnerability, Fortinet and Firefox Patches

Welcome to your daily briefing from ONSEC Cyber Daily. Today, we spotlight a surge of global cyber threats raising alarms across nations. In India, Android and Google Chrome users face critical risks, prompting the government to issue an urgent advisory. CERT-In has flagged severe vulnerabilities that could pave the way

Cyber Daily 10/11: AI Revives XSS Threats, Critical Flaws Exposed, and Global Cyber Alerts

Welcome to your daily dose of ONSEC Cyber Daily. Today, we're diving into the murky waters of data breaches and liability, with insights from CyberRisk Alliance's editorial director, Jessica C. Davis. We're also shining a light on the resurgence of XSS vulnerabilities, thanks to

Cyber Daily 10/9: Google and Adobe Patch High-Severity Vulnerabilities, Microsoft and Samsung Address Browser Risks, Ivanti Zero-Days Exploited

Welcome to today's ONSEC Cyber Daily. As a leading penetration testing company, we're committed to delivering the latest cybersecurity news and insights. Staying informed is crucial in today's digital landscape. In this issue, we'll cover critical security updates from Google, Adobe, Microsoft,

Our First (!!!) Cyber Daily 10/8: American Water Works Under Cyberattack, SatCom Cybersecurity Threats, FINRA Warns of Third-Party Risks, Qualcomm Patches Critical Flaws

Welcome to the inaugural ONSEC Cyber Daily for October 8, 2024. As a leading penetration testing company, we're launching this new rubric to deliver the latest cybersecurity news and insights. Staying informed and proactive is essential in today's digital landscape. In this issue, we'll

Lock'n'load. History of vulnerabilities in the Counter Strike series - Part 3

Source engine: CS:S, CS GO, Team Fortress 2 Creation History Source is a 3D game engine developed by Valve. Its official debut appearance was in 2004 with the release of Half-Life: Source, Counter-Strike: Source, and Half-Life 2. Source became the successor to the GoldSrc engine, on which legendary games

Lock'n'load. History of vulnerabilities in the Counter Strike series - Part 2

Introduction In this part of the article, we will thoroughly examine vulnerabilities found in various games of the Counter-Strike series. Over the years, numerous vulnerabilities have been discovered, each affecting the security of players in its own way. Valve, the developer of the Counter-Strike series, actively supports a Bug Bounty

Crack NTLM over LM

Let's suppose you have successfully taken control of a domain controller and can dump the password hashes of all domain users. You could run hashcat -m 1000 and wait, but what if you don't want to wait and you need the passwords immediately? For instance, you

Lock'n'load. History of vulnerabilities in the Counter Strike series - Part 1

Buffer Overflow Introduction Since this article will largely focus on the topic of buffer overflow, let's dive into this topic. Buffer Overflow is one of the most well-known and widely exploited vulnerabilities in cybersecurity. This vulnerability allows attackers to overwrite data in a program's memory and

Securing the Game: The Role of Penetration Testing in the Gaming Industry

The gaming industry has experienced exponential growth over the past decade, transforming from simple arcade games into complex, interactive, and highly immersive experiences. With the rise of online multiplayer games, virtual economies, and e-sports, the stakes have never been higher. However, with great popularity comes great risk. Cybersecurity threats are

AWS S3 for Pentesters

Discovering and Exploiting Misconfiguration Introduction This article is intended for pentesters and security professionals who work with Amazon S3 buckets. It covers methods for discovering buckets, checking access permissions, extracting data, and providing recommendations for securing them. Amazon S3 (Simple Storage Service) is a widely used object storage service for

Everything You Always Wanted to Know About Pentest (But Were Afraid to Ask)

What is pentest? A penetration test, generally known as a pentest, is an authorized simulated cyberattack on a computer system performed to evaluate the system's security, as Wikipedia tells us. Simply put, you hire hackers to identify vulnerabilities and weaknesses in your system in controlled conditions that real

From Zero to Hero: Phishing Campaign. Part 3

See also: Part 1 Part 2 Chapter 4: Results The phishing campaign presented in this article lasted one day. The attacked employees of the organization are IT specialists from the development and administration departments - 42 people. The target organization participates in training on countering phishing attacks. Events since the

From Zero to Hero: Phishing Campaign. Part 2

See also: Part 1 Part 3 Chapter 2: Technical Implementation Architecture The phishing campaign scheme I'm considering is an example of a MitM attack to capture access credentials and sessions of attacked employees, including two-factor authorization (2FA) confirmation via TOTP codes and push notifications. Infrastructure components: * Phishing server.

From Zero to Hero: Phishing Campaign. Part 1

Chapter 0: Introduction Warning: This material is provided for informational purposes only. Only repeat these actions in practice with proper authorization and agreement! The author is not responsible for the consequences of applying the information obtained in this article. With this post, I am starting a series of articles on

Exploring Online Gambling in Europe: Understanding Cybersecurity Challenges

Gambling has deep roots in European history, spanning centuries and weaving into the cultural fabric of the continent. From the grandeur of Monaco's casinos to the quaint charm of UK betting shops, it's been a cherished pastime. In recent times, though, the landscape has shifted dramatically

Lab for pentesting iOS applications. Part 2

In this part of the guide, we'll walk through setting up the environment and interacting with iOS applications. Target application: DVIA-v2 Preparation At this point, your iPhone should already be jailbroken, and Frida should be installed. You can easily verify this by connecting your phone to your MacBook

Lab for pentesting iOS applications. Part 1

Introduction Goal: prepare a lab for pentesting iOS applications and MiTM traffic using Frida and BurpSuite. This step-by-step guide consists of two parts. The first part is dedicated to preparing the equipment (installing the required software and jailbreaking multiple versions of iOS), while the second part covers some basic features

Why is security important for MedTech?

Healthcare is one of the most critical and sensitive areas of human activity. Over the years, it has undergone changes and innovations to improve the quality of care and provide better services to patients. Modern technology has brought to this field the convenience of customer management, patient monitoring, and the

TCP Tarpit and Port Scanning. Barricades on Both Sides.

Introduction Thousands of articles have been written about port scanning, discussing techniques, methodologies, tools... Yet, even in such a seemingly straightforward topic, there are several less-covered nuances. If you regularly scan subnets, participate in bug bounties, perform penetration testing, or automate this process, then this article might be useful to

GitHub commit parsing for email and fun

During security audits, we check for potential leaks of sensitive information such as source code and API keys related to the object of the investigation. These findings can expand the scope of the research and provide additional access points to the system. To verify the connection between a discovered repository

When you're so bored, you start debugging someone else's code: bug hunting in a random Cloud-Native project

Intro Our team has the challenge of finding bugs in popular Cloud-Native projects on Github. It's a fun activity that is a good alternative to platforms like HTB and benefits the project we're researching. However, unlike HTB, finding a bug is not guaranteed. We wanted to

Sandbox escape or How to catch all servers of the company

We would like to describe how we discovered three RCE vulnerabilities, managed to escape the sandbox, and gained access to all of the company's servers. As part of the pentest, we identified a service for managing virtual and physical servers called Foreman. It appeared to be interesting to

CodeQL vs Semgrep: Fun and Friendly Showdown of SAST tools🥊

In the world of application security, choosing the right Static Application Security Testing (SAST) tool can feel like a never-ending game of "Eeny, meeny, miny, moe." 🤔 But fear not, dear reader, for today we'll dive deep into the showdown of two popular SAST contenders: CodeQL and

Fresh Blood: Why Changing Pentest Providers Can Improve Your Security Posture

Penetration testing (pentesting) is a crucial component of an effective security program. It involves simulating an attack on an organization's network or systems to identify vulnerabilities that could be exploited by malicious actors. A pentest can help identify security weaknesses that may have been overlooked or not yet

Getting ready for your first pentest: startup founders guide

Congratulations on taking the next step toward ensuring the security of your startup! If you're reading this guide, chances are that you have received requests from your B2B sales partners or customers for SOC2 compliance, and you're now exploring your options to meet these requirements. As

Pentests Matrix for Top Security Compliances

The multitude of guidelines and regulations can be overwhelming, especially when it comes to understanding the penetration testing requirements for each. Determining what each compliance standard requires from a penetration test can be a headache, but it's crucial to get it right. To simplify the process, we'

A Guide to Resource Discovery for Penetration Testing

Introduction Resource enumeration is an essential part of both the pentest preparation and reconnaissance during the pentest. Our team often finds customer internal resources in public access or vulnerable services that are not reflected in the original scope. It is always important to understand that there may be a resource/

White, black, gray, or crystal? Unpacking pentests.

We often hear about different types of penetration tests, however, it's still not clear how they are different and beneficial. In this article, you can find all these answers and comparison tables. There are several different types of pen testing, each with their own set of benefits and

Deep Dive into the CVE-2022-29464 RCE exploit

WSO2 is the leading API Management solution company. It provides various software products for connecting, managing, and securing APIs (Application Programming Interfaces). Organizations in various industries, including financial services, healthcare, government, telecommunications, and retail, use WSO2 products. In April 2022, security researchers recently found a critical vulnerability in certain WSO2