How to avoid headaches when publishing a CVE

You have discovered a vulnerability. Congratulations! So, what happens next? Finding a CVE (Common Vulnerabilities and Exposures) is the first step in a process which starts with the identification of a zero-day and could end with fame and glory – if the discovery is significant enough. Newcomers to the security research field will know that […]

Continue Reading

An offensive mindset is crucial for effective cyber defense

As ransomware attacks continue to increase and cybercriminals are becoming more sophisticated, the federal government has implemented a more proactive approach when it comes to cybersecurity. As evidenced by its stated strategy to adopt a zero trust architecture, the federal government is taking measures to reduce the risk of cyberattacks against its digital infrastructure, and […]

Continue Reading

Attackers are attempting to exploit critical F5 BIG-IP RCE

Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP multi-purpose networking devices/modules. Simultaneously, in-the-wild exploitation attempts have also been detected. CVE-2022-1388 PoC exploits Security researchers have started sharing evidence of their successful exploitation attempts of CVE-2022-1388 during the weekend: #CVE-2022-1388 successfully exploited. pic.twitter.com/P04K4PJsAN — Matus Bursa #strongertogether (@BursaMatus) […]

Continue Reading