SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
Cisco Systems har patchat en sårbarhet med hög svårighetsgrad i Webex-videokonferensplattformen, vilket kan tillåta obehöriga användare att gå med i lösenordsskyddade Webex-möten. Sårbarheten, kallad CVE-2020-3142, påverkade Cisco Webex Meetings Suite-webbplatser och Cisco Webex Meetings Online-webbplatser som släpps tidigare än 39.11.5 och 40.1.3. Sårbarheten har fått en CVSS-poäng på 7,5 av 10 och upptäcktes medan experterna…
Researchers have disclosed how an EFS attack launched by ransomware can take advantage of the Windows Encrypting File System, prompting security vendors to release patches. The ransomware takes advantage of a feature in Windows that encrypts files and folders to protect them from unauthorized physical access to the computer. The attack leaves systems relying on…
Cisco Systems has fixed a high-severity vulnerability in the Webex video conferencing platform, which could allow unauthorized users to join password-protected Webex meetings. The vulnerability, dubbed as CVE-2020-3142, affected Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites, releases earlier than 39.11.5 and 40.1.3. It has received a CVSS score of 7.5 out…
A critical Cisco vulnerability exists in its administrative management tool for Cisco network security solutions. The flaw could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on a particular device. According to the company, the vulnerability exists in the web-based management interface of the Cisco Firepower Management Center…
Personal data and the professional performance of more than 900 Regus employees were accidentally published online after being checked by the employees. Regus has added employees through the mystery shopping company Applause to train employees and improve their performance. The details were then published on Trello, an application for creating Kanban lists. Trello boards have…
On January 22, Microsoft disclosed a security breach that took place in December 2019. The breach was caused by a misconfigured server that led to the accidental exposure of about 250 million customer support and service records. Some of them contain personally identifiable information. “Our investigation has determined that a change made to the database’s…
A security expert found a hard-coded cryptographic (SSH) public key vulnerability in Fortinet ’s Security Information and Event Management FortiSIEM. It can be abused to gain access to the FortiSIEM Supervisor. Andrew Klaus, the expert from Cybera, discovered that the Fortinet devices share the same SSH key for the user ‘tunneluser‘, and it is stored…
The FTCode ransomware has been upgraded to steal saved user credentials from browsers and email services. Its targets are Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome, and Microsoft Outlook. FTCode is believed to be the handiwork of Russian threat groups. Sophos first discovered the malware in 2013, and it reappeared in October 2019 as…
Japanese company Mitsubishi Electric disclosed a security breach that might have caused the leak of personal and confidential corporate information. Mitsubishi Electric Corp announced that it had been the target of a series of cyberattacks that has led to information regarding Government agencies and other business partners being compromised. The security breach was discovered after…
Video game maker Ubisoft has filed a lawsuit against a website that allegedly sells subscriptions to a server that distributes denial-of-service (DDoS) attacks on Rainbow Six. The company claims they are “well aware of the harm” the service has caused for the company. Ubisoft is seeking to shut down the website and claim damages and…