Toute l'actualité de la Cybersécurité


High-Risk Vulnerabilities in Apache HTTP Server's mod_proxy Encoding Problem Allow Authentication…

2024-10-06 17:12:54
Bounty -CVE-2024–38473Continue reading on InfoSec Write-ups »

Lire la suite »

IOS Penetration Testing: Guide to Static Testing

2024-10-06 17:12:52
During an iOS application penetration test, a penetration tester utilizes a range of techniques, tools, and methodologies to evaluate the application's security posture. One such method is static analysis....

Lire la suite »

I Studied 100+ SSRF Reports, and Here's What I Learned

2024-10-06 17:12:49
After diving into over 100 write-ups and reports on Server-Side Request Forgery (SSRF), I've compiled the key insights and knowledge I've gained into this blog. Here, I aim to share a comprehensive...

Lire la suite »

IDOR Leads To Account Takeover

2024-10-06 17:12:47
IDOR, one of the most common vulnerabilities in applications, can lead to major security leaks. Today, I'll walk you through how I discovered an IDOR flaw that allowed access to other users' accounts...

Lire la suite »

Why I Quit Bug Bounty Hunting :(

2024-10-06 17:12:14
It was purely my experience , i respect other bug bounty hunters :)Continue reading on InfoSec Write-ups »

Lire la suite »

From Conflict to Collaboration: The Evolution of Vulnerability Disclosure

2024-10-06 17:12:04
The Evolution of Vulnerability DisclosureAn Overview of How Vulnerability Disclosure Programs (VDPs) and Coordinated Vulnerability Disclosure (CVD) Have Evolved to Empower Ethical Hackers and Protect...

Lire la suite »

Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954

2024-10-06 17:12:02
Description: Bounty -CVE-2024–7954Continue reading on InfoSec Write-ups »

Lire la suite »

THM Smag Grotto: Learn Web Security, Privilege Escalation (Walkthrough)

2024-10-06 17:11:56
Once the IP is known, conduct a thorough nmap scan to discover open ports and services, providing valuable insights for further exploration and potential vulnerabilities.nmap -sC -sV $ip Based on the...

Lire la suite »

Uncovering 0-Days: The Crucial Role of RFCs in Vulnerability Research and the Recent Windows…

2024-10-06 17:11:50
Uncovering 0-Days: The Crucial Role of RFCs in Vulnerability Research and the Recent Windows TCP/IPv6 ExploitHey everyone, it's been a while since I last posted! If you were expecting this to be a...

Lire la suite »

HTB | Editorial — SSRF and CVE-2022–24439

2024-10-06 17:11:49
HTB | Editorial — SSRF and CVE-2022–24439This is a Linux box. You can find it here.Skill LearnedSSRFgitCVE-2022–24439NMAPIP:10.10.11.11nmap -sT -p- --min-rate 10000 10.10.11.20nmap -sC -sV...

Lire la suite »

How to Convert Videos to HLS for Web & Mobile Streaming With AWS Elemental MediaConvert

2024-10-06 16:00:20
Whether you're developing a streaming platform, an online learning portal, or any application requiring video playback, seamless video streaming is essential.

Lire la suite »

Comcast and Truist Bank customers caught up in FBCS data breach

2024-10-06 15:12:23
Comcast Cable Communications and Truist Bank have disclosed they were impacted by a data breach at FBCS, and are now informing their respective customers that their data has been compromised. [...]

Lire la suite »

How to Efficiently Perform Release Planning in Product Management

2024-10-06 15:00:24
Having a clear direction for prioritization and a vetted framework that can be scaled to 90% of the problems can enable smoother release planning.

Lire la suite »

Companies Are Now Using Chatbots as Job Interviewers

2024-10-06 15:00:21
15% of businesses plan to use AI to handle the entire hiring process by the end of 2024. But is AI effective at conducting interviews, and how will that impact the candidates being interviewed?

Lire la suite »

Man pleads guilty to stealing million in crypto from 571 victims

2024-10-06 14:17:27
A 21-year-old man from Indiana named Evan Frederick Light pleaded guilty to stealing ,704,560 worth of cryptocurrency from 571 victims in a 2022 cyberattack. [...]

Lire la suite »

Kickstart Your Crypto Trading Journey with These Top AI Trading Bots

2024-10-06 13:44:43
AI trading bots offer a game-changing solution for cryptocurrency investors, enabling round-the-clock trading, emotional neutrality, and strategy automation. With various platforms available, each suited...

Lire la suite »

Fetching Large Logs from Loki in Kubernetes

2024-10-06 13:18:24
When cold, the application writes about 60 lines per minute, and when someone interacts with the application, it can write 2000-5000 lines of logs per minute. Our project setup did not include a configured...

Lire la suite »

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

2024-10-06 13:16:37
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the...

Lire la suite »

It's Time to Sound the Alarm on SMB Cyber Threats

2024-10-06 13:00:13
There's an unnerving secret many of us in cybersecurity have noticed. And if you think your company is “too small” to be worried about a potential attack, think again. As... The post It's Time...

Lire la suite »

Google Pay alarms users with accidental ‘new card' added emails

2024-10-06 13:00:00
Google Pay alarmed users this week after erroneously sending out "new card" added email notifications. Google has acknowledged that the email was "accidental" and that no user information was compromised....

Lire la suite »

Virtual Besties: TV Shows, Social Media and the Evolution of Parasocial Relationships

2024-10-06 12:43:33
This post explores how new Vietnamese TV shows utilize social media to foster parasocial interactions (PSIs), allowing viewers to feel more connected to the contestants and the behind-the-scenes content....

Lire la suite »

Security Affairs newsletter Round 492 by Pierluigi Paganini – INTERNATIONAL EDITION

2024-10-06 12:05:37
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter,...

Lire la suite »

Children Should Not Be Content: The Case Against Kid Influencers

2024-10-06 10:57:33
"No Child Deserves to Be an Influencer", argues against the practice of turning children into influencers. It discusses how parents often exploit their children for fame and profit on social media, exposing...

Lire la suite »

Google Pixel 9 supports new security features to mitigate baseband attacks

2024-10-06 08:44:36
Google announced that its Pixel 9 has implemented new security features, and it supports measures to mitigate baseband attacks. Pixel phones are known for their strong security features, particularly...

Lire la suite »

The TechBeat: From Clicks to Value: TapSwap's Sustainable Approach to Tap-to-Earn (10/6/2024)

2024-10-06 06:10:58
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

Fedora 39: chromium 2024-7aba3c1531 Security Advisory Updates

2024-10-06 01:26:37
update to 129.0.6668.89 High CVE-2024-7025: Integer overflow in Layout High CVE-2024-9369: Insufficient data validation in Mojo High CVE-2024-9370: Inappropriate implementation in V8

Lire la suite »

Compilation of the Most Common JavaScript Interview Questions

2024-10-06 00:06:10
This post provides a detailed list of JavaScript interview questions, from basic to advanced levels, to help you practice and prepare for technical interviews.

Lire la suite »

Generative AI Will Kill Old Stack Vendors. Let It.

2024-10-06 00:04:28
\ Halloween. It's spooky season, so let's bludgeon a few old stack vendors to death — Appian, IBM, Salesforce, SAP, Pegasystems, IFS, Oracle, Software AG, TIBCO, UIPath…they're The...

Lire la suite »

ChatGPT Canvas: A Game-Changer for Writers and Coders

2024-10-06 00:01:44
OpenAI has recently launched a new feature called Canvas for ChatGPT. Canvas is designed to enhance users' interactions with AI for writing and coding projects. This new interface aims to provide a...

Lire la suite »

The 10 Most Powerful AI Image Generators with 4 Sample Images Each

2024-10-06 00:00:29
A tour-de-force through the ten most effective AI generators available on the Internet today. Samples of outputs and prompts with pictures provides, Four pictures for each of the ten tools.

Lire la suite »