SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.

Facebook and LinkedIn demand Clearview stop scraping images

Facebook and LinkedIn demand Clearview stop scraping images

Facebook and LinkedIn demand Clearview stop scraping images. Twitter has sent a cease-and-desist letter to facial recognition startup Clearview AI over unauthorized photo scraping. A cease-and-desist letter is sent to an individual or a company to stop any unauthorized activity and to not restart it. “Scraping people’s information violates our policies, which is why we’ve…


Cisco CDPwn vulnerabilities affect impact millions of enterprise devices

Cybersecurity provider Armis Security Inc. has disclosed five critical vulnerabilities in a Cisco Systems Inc. networking protocol. The vulnerabilities could allow hackers to target millions of enterprise devices worldwide, from data center switches to conference phones. CDP is a Cisco proprietary Layer 2 network protocol that is used to discover information about locally attached Cisco…


Coronaviruset används som bete i fishingattack!

Nya fishing-kampanjer använder coronavirus-utbrottet som ett bete i nya attacker. Spammare utnyttjar Coronavirus-utbrottet för att sprida skadlig programvara via e-postmeddelanden. Meddelandena påstår sig erbjuda information om hur man kan försvara sig mot det verkliga viruset. Cyberbrottsgrupper har startat malspam-attacker som drar nytta av det stora intresset gentemot onlinesökningar av ämnet. Den 22 januari släppte den…


Fortinet tog bort SSH-nycklar och databas back doors från FortiSIEM

Fortinet har släppt korrigeringar för att ta bort två backdoor-konton från FortiSIEM-apparater. Patcharna fixar de två sårbarheterna CVE-2019-17659 och CVE-2019-16153. SIEM står för Security Information and Event Management och är en typ av programvara som används av cybersäkerhetsteam. Nyligen upptäckte en säkerhetsspecialist från Cybera en hardcoded SSH-nyckel i Fortinets Security Information and Event Management FortiSIEM…

windows-rce-RD gateway

Researcher demoed RCE Exploit for Windows RD Gateway

InfoGuard AG penetration tester Luca Marcelli has demoed a working exploit for two recently discovered vulnerabilities in Windows Remote Desktop Gateway (RD Gateway). RD Gateway allows admins to allow connections coming from the Internet to access Remote Desktop servers on internal networks only after proper authentication. The exploit targets the CVE-2020-0609 and CVE-2020-0610 vulnerabilities found in the Remote Desktop Gateway…


Microsoft’s Internet Explorer zero-day workaround breaks printing

As reported earlier an unpatched zero-day vulnerability exists in Internet Explorer that is being exploited in targeted attacks. Microsoft still hasn’t released a patch for the vulnerability dubbed as CVE-2020-0674.  Although Microsoft suggested mitigation steps, there are a few problems that are left unsolved. Windows Media Player, Microsoft print to PDF, and local USB printers are all…