Shocking revelations about the US government data siphoning, the historic security breach at Windsor Castle, and the MOVEit hack leave people confused. All of this and much more is discussed in the latest edition of the Smashing Security podcast by…
A combination of factors such as an expanding attack surface, increasing cybersecurity and data regulation, and an ongoing skills shortage are putting unsustainable pressure on the mental health of cyber leaders and professionals. “The environment is particularly tough. I’m really…
June 14, 2023Ravi LakshmananPatch Tuesday / Vulnerability Microsoft has released fixes for the Windows operating system and other software components to fix major security flaws as part of its June 2023 Patch Tuesday updates. Of the 73 flaws, the severity…
Cybersecurity experts at Orca Security have identified two critical cross-site scripting (XSS) vulnerabilities in Microsoft Azure services. The flaw exploited a weakness in the postMessage iframe that could expose Azure users to a potential security breach. This vulnerability was found…
June 14, 2023hacker newsThreat Intel / Network Security Back in the 90’s and early 80’s, the System Administrator’s Handbook said:Filter incoming traffic.not everyone is a good person“(later coined by Gandalf)”you shall not passAs such, CIOs began tightening network fencing on…
A series of malicious GitHub repositories masquerading as legitimate security research projects have been discovered. VulnCheck researcher Jacob Baines shared the findings in a new advisory published today, claiming the repository contains exploits for well-known products such as Chrome, Exchange…
June 14, 2023Ravi LakshmananZero-day/network security Chinese state aid group known as UNC3886 A zero-day flaw in VMware ESXi hosts was found to be exploited to backdoor Windows and Linux systems. VMware Tools Authentication Bypass Vulnerability Tracked as CVE-2023-20867 (CVSS Score:…
Earlier this year, I was honored to be invited by Vodafone to appear on an episode of their series “Learning Curve” for founders, business leaders and those who actually want to be business leaders. Even though I heard that the…
A critical security vulnerability has been discovered in the popular WooCommerce Stripe Gateway plugin, which could expose users’ personally identifiable information (PII). This vulnerability affects versions 7.4.0 and below of the Unauthenticated Insecure Direct Object Reference (IDOR) plugin, which boasts…
June 14, 2023Ravi LakshmananCloud security/vulnerability Two “dangerous” security vulnerabilities have been identified in Microsoft Azure Bastion and Azure Container Registry that could be exploited to carry out cross-site scripting (XSS) attacks. “This vulnerability allows unauthorized access to a victim’s session…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
