16Eyl
23andMe to pay $30 million in settlement over 2023 data breach
Genetic testing company 23andMe will pay $30 million over a 2023 data breach which ended in millions of customers having data exposed.
16Eyl
Are peripheral issues and systems normally considered in a white box penetration testing scope?
As Wikipedia defines:
White-box testing is a method of software testing that tests internal structures or workings of an application, as opposed to its functionality (i.e. black-box testing).
When the code is a target of its own, this i…
16Eyl
North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware
Cybersecurity researchers are continuing to warn about North Korean threat actors’ attempts to target prospective victims on LinkedIn to deliver malware called RustDoor.
The latest advisory comes from Jamf Threat Labs, which said it spotted an attack a…
16Eyl
From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook
Imagine this… You arrive at work to a chaotic scene. Systems are down, panic is in the air. The culprit? Not a rogue virus, but a compromised identity. The attacker is inside your walls, masquerading as a trusted user. This isn’t a horror movie, it’s…
16Eyl
Psobf – PowerShell Obfuscator
Tool for obfuscating PowerShell scripts written in Go. The main objective of this program is to obfuscate PowerShell code to make its analysis and detection more difficult. The script offers 5 levels of obfuscation, from basic obfuscation to script fr…
16Eyl
CVE-2024-45496 | Red Hat OpenShift Controller Manager insecure inherited permissions
A vulnerability, which was classified as critical, was found in Red Hat OpenShift. This affects an unknown part of the component Controller Manager. The manipulation leads to insecure inherited permissions.
This vulnerability is uniquely identified as…
16Eyl
CVE-2024-7387 | Red Hat OpenShift Builder path traversal
A vulnerability, which was classified as critical, has been found in Red Hat OpenShift. Affected by this issue is some unknown functionality of the component Builder. The manipulation leads to path traversal.
This vulnerability is handled as CVE-2024-…
16Eyl
CVE-2024-46970 | JetBrains IntelliJ IDEA up to 2023.3.3 Project Name cross site scripting
A vulnerability classified as problematic was found in JetBrains IntelliJ IDEA. Affected by this vulnerability is an unknown functionality of the component Project Name Handler. The manipulation leads to cross site scripting.
This vulnerability is kno…
16Eyl
Master Your PCI DSS v4 Compliance with Innovative Smart Approvals
The PCI DSS landscape is evolving rapidly. With the Q1 2025 deadline looming ever larger, businesses are scrambling to meet the stringent new requirements of PCI DSS v4.0. Two sections in particular, 6.4.3 and 11.6.1, are troublesome as they demand tha…
16Eyl
CVE-2024-39613 | Mattermost Desktop App up to 5.8.0 Absolute Path cmd.exe uncontrolled search path
A vulnerability classified as critical has been found in Mattermost Desktop App up to 5.8.0. Affected is an unknown function of the file cmd.exe of the component Absolute Path Handler. The manipulation leads to uncontrolled search path.
This vulnerabi…
