
Blog Series
Month: February 2024

Several libde265 Vulnerabilities Patched: What...
Several vulnerabilities were discovered in libde265, an Open H.265 video codec implementation. These vulnerabilities could result in denial of service and potentially the execution of arbitrary code if a specially...
Unrestricted Code...
This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these...
FortiGate Flaw: Threat Actors Breach...
In a recent revelation, the Dutch Ministry of Defence disclosed a concerning breach in its internal computer network, orchestrated by Chinese state-sponsored hackers. The network security breach, detected by both...
Cloudflare Breached: Credentials Used For...
In a recent revelation, Cloudflare, a prominent networking giant, disclosed a security breach that occurred in late November, in which threat actors exploited stolen passwords to gain unauthorized access to sensitive...
Critical PixieFail Vulnerabilities Lead to...
A set of critical security vulnerabilities has been found in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification. Named PixieFail...
iptables vs nftables in Linux:...
nftables provides a simpler, more efficient alternative to iptables, with unified IPv4/IPv6 handling. Features like rule tracing and multi-action rules in nftables enhance network management. Transitioning to nftables offers better...
Juniper Networks OS Update Released...
In response to pressing security concerns, Juniper Networks has swiftly deployed out-of-band updates aimed at mitigating two high-severity vulnerabilities. These vulnerabilities, identified as CVE-2024-21619 and CVE-2024-21620, pose significant risks to...
New Malware in Exploits Targeting...
Google-owned Mandiant has uncovered new malware exploiting vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. These malware strains have been utilized by several threat groups, including the China-nexus...
0-days, n-days, too many...
A software vendor, a threat actor, and a bug bounty hunter walk into a bar. The bug bounty hunter goes “have you guys heard about this new bug I just...
Commando Cat Attacks: Protect Exposed...
Exposed Docker API risks pose significant security threats to organizations utilizing container technology. In recent months, a sophisticated cryptojacking operation dubbed Commando Cat has emerged as a potent threat...
FritzFrog Botnet Strikes Back Exploiting...
A new variant of the sophisticated botnet “FritzFrog” has emerged, leveraging the Log4Shell vulnerability for propagation. Despite more than two years passing since the Log4j flaw was discovered, attackers continue...