Log4j remains on the agenda. Although it has been described as very critical and many articles have been written about it, a list containing more than 500k potential and 220k vulnerable hosts has been published and put up for sale. You can reach

Belgium’s Ministry of Defense confirmed on Monday that it had been hit by a cyber attack. The Log4j vulnerability was discovered earlier in December and has been very popular in recent days. According to Belgian Defense Ministry officials, hackers exploited the Log4j vulnerability in one of their systems. The ministry uncovered the attack last Thursday.

Subdomain enumeration is an information gathering technique. It can be used to identify all of a company's sites that are exposed to the internet. In large organizations, it is very common to have forgotten websites that have vulnerabilities or hold sensitive data. So subdomain enumeration is also important for bug bounty.

VMware Carbon Black has published an update to resolve a critical authentication bypass vulnerability in the Carbon Black App Control product. App Control is a solution to lock down critical systems and servers to prevent unwanted changes and ensure continuous compliance with regulatory mandates. This authentication bypass vulnerability is tracked as CVE-2021-21998.

WPStatistics, as the name suggests, is a plugin that allows site owners to see and show their visitor count. It also provides the IP address and country details of visitors. The Wordfence Threat Intelligence team announced that they found a vulnerability in the WPStatistics plugin. This plugin is installed on more than 600,000 WordPress websites. This

XSS is a common and very popular vulnerability that has been in the OWASP Top 10 from the beginning. XSS is hard to detect and very dangerous, since an attacker can gain the ability to do and see what the user can, such as passwords, financial information, etc. XSS has two main types called Stored

OpenVAS is a preinstalled vulnerability tool in both Kali and Parrot. It is completely free, and even though it is preinstalled in these OSs, you need to do something before you use it. First, you need to start a new installation. Meanwhile, if you updated your Kali or Parrot, it