This week on TCE Cyberwatch, we report on significant breaches affecting both prominent companies and universities, with thousands of individuals impacted.
In addition, TCE Cyberwatch exp… Read More
Maybe you are a newbie in the world of cryptocurrencies or are probably an investor looking for the best crypto exchanges that suit your needs. There are actually three types of crypto excha… Read More
Attackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine hosts by using new binaries chkstart (remote access with payload execution), exe… Read More
A critical vulnerability in the PHP programming language (CVE-2024-4577) has been exploited by ransomware criminals, leading to the infection of up to 1,800 servers primarily in China with t… Read More
The Cyber Express, in collaboration with Cyble Research & Intelligence Labs (CRIL), is dedicated to providing the latest and most comprehensive information on security vulnerabilities. E… Read More
Amazon Elastic Kubernetes Service (Amazon EKS) offers a powerful, Kubernetes-certified service to build, secure, operate, and maintain Kubernetes clusters on Amazon Web Services (AWS). It in… Read More
Overview
On May 7, 2024, Devcore Principal Security Researcher Orange Tsai discovered and reported a critical Remote Code Execution (RCE) vulnerability, CVE-2024-4577, to the PHP… Read More
Have you ever heard of a Software Security Assessment? It’s like a detective mission for computer programs! This assessment is all about finding an… Read More
Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.
The group has been exploiting a known vulnerability (CVE-2017-11882) in the Mi… Read More
Hugging Face’s story began in 2016 in New York, when a group of passionate machine learning enthusiasts – Clément Delangue, Julien Chaumond, and Thomas Wolf, set out to cr… Read More
WARMCOOKIE is a new Windows backdoor that is deployed by a phishing effort with a recruiting theme dubbed REF6127.
The WARMCOOKIE backdoor can be used to take screenshots of the target co… Read More
Everything You Need to Know About the Log4j Vulnerability
The critical Log4j vulnerability disclosed December 9 is one of the worst vulnerabilities in cybersecurity hi… Read More
On May 24, 2024, Zero-Day Initiative released a security advisory for Ivanti EPM concerning a SQL injection remote code execution vulnerability.
This vulnerability was assign… Read More
Imagine having an assistant at your fingertips, capable of translating your ideas into reality with just a few clicks. Technology has made it possible with Artificial Intelligence (AI) and M… Read More
Cybersecurity watchdog Shadowserver has identified 256,000+ publicly exposed servers vulnerable to a critical Remote Code Execution (RCE) flaw in Microsoft Message Queuing (MSMQ) services… Read More
Hackers go for Apple due to its massive user base along with rich customers, including business people and managers who use those devices with some important information.
Even with these… Read More
Microsoft fixes 49+ security bugs with its June edition of Patch Tuesday
Microsoft has come up with another big update with its Patch Tuesday. With this single Patc… Read More
A dark web hacker that goes by the name “Tombstone” has claimed and advertised multiple vulnerabilities affecting a subdomain affiliated with Google LLC.
The hacker clai… Read More
Microsoft has disclosed two Critical remote code execution vulnerabilities in MSMQ (Microsoft Message Queuing) and the Windows Wi-Fi Driver.
The CVE for these vulnerabilities has been ass… Read More
Today is Microsoft's June 2024 Patch Tuesday, which includes security updates for 51 flaws, eighteen remote code execution flaws, and one publicly disclosed zero-day vulnerability Read More
The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor paylo… Read More
AutoRABIT Tech Blog: Key Announcements from the Summer ‘24 Release
By Prasanth Samudrala, AutoRABIT VP of Solutions Engineering
The Salesforce Summer ’24 release introduces… Read More
Businesses, these days, are under pressure to stay current with the latest trends, technologies, and consumer preferences. If these entrepreneurs and business founders want to stay relevant… Read More
While the new-generation Xbox One consoles have been out for a while, until recently there weren't any softmods (software modifications to make a system behave differently) for users. That h… Read More
A proof-of-concept (PoC) exploit has been released for a critical authentication bypass vulnerability in Veeam Backup Enterprise Manager.
The vulnerability, identified as CVE-2024-29849… Read More
A critical remote code execution (RCE) vulnerability has been discovered in PHP for Windows, affecting version 5.x and earlier, potentially impacting millions of servers globally. Researcher… Read More
A threat actor known as spr1ngtr4p has purportedly advertised a Remote Code Execution (RCE) vulnerability affecting a subdomain of Italy's Ministry of Defence website.
This RCE vulnerabi… Read More
Published on June 10th, 2024. The infamous North Korean hacking group, Andariel, is back in the news.
This time, they’ve set their sights on South Korean institutions, including educatio… Read More
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.
The vulnerability, tracked as CVE… Read More
Slashdot reader storagedude shared this report from The Cyber Express:
A security researcher discovered an exploitable timing leak in the Kyber key encapsulation mechanism (KEM) that's in… Read More
Windows 11 Pro is not just a cosmetic upgrade from its predecessors; it brings a robust suite of security enhancements designed to protect your data and maintain system integrity. Whether yo… Read More
A new critical remote code execution (RCE) vulnerability has been discovered in PHP, affecting all PHP versions since 5.x that are installed on MS Windows operating… Read More
Introduction to E-Commerce Website Development
Discover top e-commerce website development services for your online business. Expert e-commerce website developers ensure quality at compet… Read More
A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide… Read More
Apache RocketMQ platform is a widely used messaging system that handles high volumes of data and critical operations, often attracting hackers.
Exploiting the vulnerabilities in Roc… Read More
If you haven’t upgraded to version 1.3.0 of Apache HugeGraph, now is the time. At least two proof-of-concept (POC) exploits for a CVSS 9.8-rated remote command execution (RCE) vulnerab… Read More
Are you confused about which malware removal tool to choose between RogueKiller and Malwarebytes? You’re not alone. Both are popular and efficient tools that can help you keep your PC… Read More
As cyber threats continue to evolve in sophistication, the need for robust penetration testing has never been more critical. Penetration testing tools play a vital role in identify… Read More
A security flaw has been found in Fluent Bit’s built-in HTTP server that could be exploited to potentially cause denial of service, information disclosure and, given enough time and… Read More
On March 20, 2024, Progress Software disclosed three vulnerabilities in its Telerik Report Server products. The vulnerabilities were identified as CVE-2024-1800, CVE-2024-1801, and CVE-2024… Read More
Have you ever considered the best way to run your call center? The response lies in utilizing the right tools and devices. One such solution that stands apart is VICIdial. This is an advance… Read More
Xelent Solutions, a leading technology company, specializes in providing cutting-edge web and mobile app development services. Established over a decade ago, the firm has garnered a reputati… Read More
Apple has refused to pay Kaspersky Lab a reward for discovering critical vulnerabilities in iOS that allowed attackers to install spyware on any iPhone.
According to RTVI, the vulnerabil… Read More
A thorough security testing method called Vulnerability Assessment and Penetration Testing (VAPT) is used to find weaknesses in computer systems, networks, and applications. It entails analy… Read More
Magento or Adobe Commerce never fails to amaze us. This tradition continues with its latest release. Adobe Commerce 2.4.7 is a significant improvement if we compare it with its predecessors… Read More
A security researcher discovered an exploitable timing leak in the Kyber key encapsulation mechanism (KEM) that’s in the process of being adopted by NIST as a post-quantum cryptographi… Read More
A new critical security vulnerability has been discovered in multiple versions of Atlassian’s Confluence Server and Data Center products. The flaw, assigned CVE-2024-21683, is a high-s… Read More
Zyxel has released patches addressing critical command injection and remote code execution vulnerabilities in two of its NAS products, NAS326 and NAS542, which have reached end-of-vulnerabil… Read More
Published on June 4th, 2024. Phishing attacks are a persistent threat in today’s digital landscape. The ease of crafting deceptive emails and websites has fueled their rise, posing a sig… Read More
To develop software systems that are dependable and high-performing, Site Reliability Engineers (SREs) combine the concepts of software engineering with the discipline of operations. Designi… Read More
Published on June 4th, 2024. AI-as-a-service (AIaaS) platforms offer a convenient way to deploy and utilize machine learning models.
However, a recent security flaw in Replicate, a popular AIa… Read More
How to create a serverless application using AWS Lambda and EC2
In the fast-evolving world of cloud computing, creating serverless applications has become a pivotal skill for DevOps eng… Read More