FBI Email Server Hacked To Send Fake Cyber Security Alert Messages
An unidentified cyber attacker sends thousands of fake cyber security email messages from a real U.S. Federal Bureau of Investigation (FBI) address by hacking their email servers. The fake email…
2021 CWE Top 25 Most Dangerous Software Weaknesses
Introduction: The 2021 CWE Top 25 Most Dangerous Software Weaknesses is a demonstrative list of most periodic and critical errors that can lead to major software vulnerabilities. It is developed…
US Sanctions Pegasus Maker NSO Group and 3 Other Companies
The U.S. Department of Commerce added four organizations, including Israeli cyberarms industry NSO Group to the Entity List for engaging in malicious cyber activities that are conflicting with the nation’s…
2021 CWE Most Important Hardware Weaknesses
Introduction: The list of 2021 CWE Most Important Hardware Weaknesses is published by the MITRE Corporation in collaboration with DHS’s Cybersecurity and Infrastructure Security Agency (CISA). The composed list consists…
NSA and CISA Releases 5G Cloud Security Guidance Part-1
To build and secure 5G Cloud Infrastructures, the first of a four-part series of CyberSecurity Guidance documents has been released jointly by National Security Agency (NSA) and Cybersecurity and Infrastructure…
Application Security Testing – Methodology and Approach
Introduction: Application Security Testing is a process to identify security vulnerabilities and weaknesses in web applications. This testing is performed with the combination of both automation and manual process using…
Tianfu Cup 2021 – Windows 10, Chrome, iOS, Linux Exploited
At the Tianfu Cup 2021 held on October 16-17, 2021, a number of operating systems and products were successfully exploited using original, unreleased vulnerabilities. From Windows 10, Google Chrome, iOS…
Network Penetration Testing – Methodology and Approach
Introduction: Network Penetration Testing is a process to find security issues in the organization network, attached devices and network applications. Security issues could be insecure protocol, misconfigured operating systems, improper…
Google Alerts 14,000 Gmail Users Attacked by Russian Hackers
Google has warned approx. 14,000 Gmail users about being attacked by government-backed phishing campaign conduct by Fancy Bear, or APT28, a Russian government cyber espionage group. Google communicated to Gmail…
Mobile Application Security Testing – Methodology and Approach
Introduction: Mobile phones have entered into every aspect of user’s life today, from communication and data to shopping and entrainment. To keep strong hold in the market, companies keep bringing…