Review: Metasploit, 2nd Edition 2025-06-02 at 08:18 By Mirko Zorz If you’ve spent any time in penetration testing, chances are you’ve crossed paths with Metasploit. The second edition of Metasploit tries to bring the book in line with how pentesters are using the tool. It mostly succeeds, with some caveats depending on your experience level […]
React to this headline:
Review: Metasploit, 2nd Edition Read More »
LockBit hacked: What does the leaked data show? 2025-05-09 at 14:33 By Zeljka Zorz The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing leaked data relating to the group’s operations: The defaced dark web affiliate panel (Source: Help Net
React to this headline:
LockBit hacked: What does the leaked data show? Read More »
Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) 2025-05-08 at 15:38 By Zeljka Zorz SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also
React to this headline:
Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) Read More »
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle 2025-04-11 at 21:05 By Ryan Naraine The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices. The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek. This
React to this headline:
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle Read More »
Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) 2025-04-01 at 18:49 By Zeljka Zorz Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through
React to this headline:
Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) Read More »
Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) 2025-03-20 at 14:29 By Zeljka Zorz Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup & Replication solution, and is urging customers to quickly upgrade to a fixed version. There is currently no indication that the
React to this headline:
Cybersecurity needs a leader, so let’s stop debating and start deciding 2025-02-25 at 18:09 By Help Net Security Have you ever heard anyone earnestly ask in a business, “Who owns legal?” or “Who sets the financial strategy?” Probably not – it should be obvious, right? Yet, when it comes to cybersecurity, the question of ownership
React to this headline:
Cybersecurity needs a leader, so let’s stop debating and start deciding Read More »
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) 2025-02-17 at 15:49 By Zeljka Zorz The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers compromised the
React to this headline:
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) Read More »
Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation 2025-02-13 at 22:20 By Ryan Naraine Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product. The post Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation appeared first on SecurityWeek. This article is an
React to this headline:
Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation Read More »
Ransomware payments plummet as more victims refuse to pay 2025-02-06 at 15:49 By Zeljka Zorz Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. The total volume of ransom payments decreased year-over-year by approximately 35%, the blockchain
React to this headline:
Ransomware payments plummet as more victims refuse to pay Read More »
Ransomware in 2024: New players, bigger payouts, and smarter tactics 2024-12-19 at 06:03 By Help Net Security In 2024, ransomware remained the top cybersecurity threat to organizations worldwide. New groups filled the void left by law enforcement crackdowns, targeting businesses with record-breaking ransom demands and sophisticated tactics. In this article, you will find excerpts from
React to this headline:
Ransomware in 2024: New players, bigger payouts, and smarter tactics Read More »
Cleo patches zero-day exploited by ransomware gang 2024-12-12 at 18:34 By Zeljka Zorz Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. Version 5.8.0.24 of the three products, which was pushed out on Wednesday, plugs the
React to this headline:
Cleo patches zero-day exploited by ransomware gang Read More »
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) 2024-10-24 at 12:18 By Zeljka Zorz Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. About CVE-2024-47575 CVE-2024-47575 is a vulnerability stemming from missing authentication for a critical function in FortiManager’s fgfmd daemon. Remote, unauthenticated attackers could
React to this headline:
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) Read More »
Infosec products of the month: September 2024 2024-10-01 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Absolute, anecdotes, ArmorCode, Binarly, Bitdefender, Druva, F5 Networks, Gcore, Guardsquare, Huntress, Ketch, LOKKER, Malwarebytes, NETGEAR, Nudge Security, Prompt Security, Rapid7, Revenera, Skyhigh Security, Strivacity, Tenable, Trellix,
React to this headline:
Infosec products of the month: September 2024 Read More »
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE 2024-09-27 at 13:31 By Zeljka Zorz After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to
React to this headline:
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE Read More »
New infosec products of the week: September 20, 2024 2024-09-20 at 06:31 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from anecdotes, F5 Networks, Gcore, Rapid7, Strivacity, and Veritas Technologies. Veritas unveils AI-driven features to simplify cyber recovery Veritas Technologies unveiled new AI-driven capabilities to
React to this headline:
New infosec products of the week: September 20, 2024 Read More »
Rapid7 launches Vector Command for continuous red teaming and security gap identification 2024-09-18 at 13:01 By Industry News Rapid7 has unveiled Vector Command, a fully-managed offensive security service. Vector Command combines the external attack surface assessment capabilities of Rapid7’s recently launched Command Platform with continuous Red Teaming services by its internal experts to help customers
React to this headline:
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) 2024-09-10 at 15:31 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming it is being actively exploited by attackers. Though the
React to this headline:
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) Read More »
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) 2024-09-06 at 13:02 By Zeljka Zorz For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an open-source suite
React to this headline:
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) Read More »
Infosec products of the month: August 2024 2024-09-02 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, Nucleus Security, Own,
React to this headline:
Infosec products of the month: August 2024 Read More »