MaLDAPtive is an open-source framework for LDAP SearchFilter parsing, obfuscation, deobfuscation, and detection. At its core, the project features a custom-built C# LDAP parser designed for tokenization and syntax... Read more »
Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt... Read more »
Here’s a look at the most interesting products from the past week, featuring releases from Balbix, Halcyon, Metomic, Red Sift, SAFE Security, Veeam Software, and Legit Security. SAFE X... Read more »
The Dutch government blames a “state actor” for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame... Read more »
A third of U.K. teachers have not received cyber security training this year, and only two-thirds of those that did deemed it useful, according to a government poll. Read more »
CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the bug... Read more »
Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have exploited a critical Adobe Commerce... Read more »
Malwarebytes released new features for Browser Guard, its free browser extension for Chrome, Edge, Firefox, and Safari that blocks content identified as potentially unwanted and unsafe. Users will now... Read more »
Darktrace announced the expansion of Darktrace / CLOUD to support Microsoft Azure environments. The AI-driven Cloud Detection and Response (CDR) system leverages Microsoft’s virtual network flow logs for agentless... Read more »
While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote command execution on vulnerable systems, they could offer... Read more »