What Is A Sniping Attack? How To Prevent It?
Sniping is an OWASP-identified automated threat that is commonly used by attackers to exploit the weaknesses of web applications. This
What Is A Skewing Attack?
Skewing is an OWASP identified automated threat that is commonly used by attackers to bypass security measures and gain unauthorized
CVE-2023-37289 : INFINITY DOCUMENT ON-LINE SUBMISSION AND APPROVAL SYSTEM 22547/22567 UNRESTRICTED UPLOAD
Description It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in
What Is Scraping?
Scraping is a common OWASP-identified automated threat, used by attackers to automate the collection of data from websites. It involves
What Is Footprinting?
Footprinting is a type of OWASP-identified automated attack that involves gathering information about a target system or network to identify
What Is Fingerprinting? How To Protect Against Fingerprinting Attacks?
Fingerprinting is a type of OWASP automated threat that is used to identify information about a target system or network.
What Is OAT-006 Expediting Attacks?
Expediting attacks, also known as “rush attacks”, are a type of OWASP automated threat that targets a business’s system or
CVE-2023-22018 : ORACLE VM VIRTUALBOX CORE REMOTE CODE EXECUTION
Description Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior
What Is Denial Of Service Attack? What Are The Different Types Of Denial Of Service Attacks?
Denial of Service (DoS) attacks have become increasingly prevalent in recent years. A DoS attack is an attempt to disrupt
CVE-2023-33193 : EMBY SERVER UP TO 4.7.11/4.8.30 REQUEST SMUGGLING
Description Emby Server is a user-installable home media server which stores and organizes a user’s media files of virtually any
What Is OWASP? Describe The OWASP Top 10?
Web applications have become an integral part of modern business operations. They enable companies to interact with their customers, employees,
What Is An HTTP Flood DDoS Attack?
An HTTP flood DDoS attack is a type of cyber attack that aims to overwhelm a web server with a
CVE-2023-21515 : SAMSUNG GALAXY STORE PRIOR 4.5.49.8 APK INPUT VALIDATION
Description InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to
CVE-2023-2825 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION 16.0.0 PUBLIC PROJECT PATH TRAVERSAL
Description An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a
CVE-2023-2851 : AGT TECH CEPPATRON SQL INJECTION
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in AGT Tech Ceppatron allows Command
What Is Meant By Threat Intelligence Management?
Threat intelligence management is the process of collecting, analyzing, and disseminating information about potential cyber threats to an organization’s security.
CVE-2023-2868 : BARRACUDA EMAIL SECURITY GATEWAY UP TO 9.2.0.006 TAR FILE COMMAND INJECTION
Description A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions
What Is Meant By Data Masking?
Data masking is a technique used to protect sensitive information by replacing it with fictitious data. This technique is particularly
CVE-2023-1424 : MITSUBISHI ELECTRIC MELSEC IQ-F PACKETS BUFFER OVERFLOW
Description Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU
CVE-2023-2845 : CLOUDEXPLORER-LITE UP TO 1.0.X ACCESS CONTROL
Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE
What Is A Zero Day Attack? How To Prevent A Zero Day Attack?
A zero-day attack is a type of cyber-attack that exploits an unknown vulnerability in software, hardware, or firmware. These attacks
CVE-2023-32336 : IBM INFOSPHERE INFORMATION SERVER 11.7 RMI SERVICE DESERIALIZATION
Description IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an
What Is Denial Of Inventory (DoI)?
Denial of Inventory (DoI) is a type of cyber attack that is used to disrupt or shut down a business’s
CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION
Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running