PettiPotam Temporary Fix !
Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. The new attack uses the Microsoft Encrypting File…
GitLab fixes Critical Vulnerabilities
GitLab is a web-based DevOps life cycle platform providing an open-source license from GitLab Inc. to offer wiki, problem tracking, and continuous pipeline integration and deployment capabilities. GitLab fixed many…
Posted inStorage
QNAP Patches a Critical NAS Bug
QNAP has addressed an improper access control vulnerability in the devices’ disaster recovery and data backup software in its NAS Storage Internet-connected NAS devices are popular targets with threat actors…
PowerShell Nightmare
PowerShell provides a command-line shell, a framework, and a scripting language focused on automation for processing PowerShell cmdlets running on all major platforms, including Windows, Linux, and macOS combining with structural programming…
iPhone Wi-Fi Breaks Abruptly
A wireless network naming convention bug has been discovered in Apple's iOS operating system that effectively disables an iPhone's ability to connect to a Wi-Fi network. The issue was found…
Posted inVulnerability Scanning
Pen Testing Vs Vulnerability Scanning
Penetration testing exploits a vulnerability in your system architecture while vulnerability scanning (or assessment) checks for known vulnerabilities and generates a report on risk exposure. Penetration testing or Vulnerability scanning…
Penetration Testing Types
While going through the threats and vulnerabilities its worthwhile to write up a post on process and methods by which a vulnerability is identified and remediated. This is a second…
Trend Micro Apex One Exploit
Trend Micro disclosed that the threat actors are once again using security solutions as attack vectors and this time attackers are deliberately leveraging a vulnerability in its antivirus solutions, identified…