by Esha | Aug 20, 2024 | CISSP
Vulnerability Exploited: Hackers are exploiting a critical PHP flaw (CVE-2024-4577, CVSS score: 9.8) to deploy the Msupedge backdoor. Target: An unnamed university in Taiwan. Backdoor Details: Msupedge communicates with a command-and-control server using DNS...
by Esha | Aug 19, 2024 | CISSP
A new malware called UULoader is being used by cybercriminals to distribute dangerous tools like Gh0st RAT and Mimikatz, particularly targeting Korean and Chinese speakers. Discovered by the Cyberint Research Team, UULoader is distributed via malicious installers...
by Esha | Aug 19, 2024 | CISSP
The OWASP Top 10 is a list of the most critical security risks to web applications. It is updated periodically to reflect the latest threats and vulnerabilities. Here is the OWASP Top 10 as of 2024: Broken Access Control Description: Issues with access control can...
by Esha | Aug 19, 2024 | CISSP
1. Code Review Description: A peer-driven process where multiple developers review code to ensure quality and identify defects. It can be manual or automated and is typically performed after code development. Reviews can cover several hundred lines of code per hour....
by Esha | Aug 19, 2024 | CISSP
1. CSRF (Cross-Site Request Forgery) Description: An attack that exploits the trust a website has in a user’s browser by forcing the submission of authenticated requests to a third-party site. This can result in unauthorized actions being performed on behalf of...
