Spring framework is found to have a Remote Code Execution (RCE) flaw. This vulnerability, if exploited successfully, will let the attacker take control of the targeted system. Fortunately, the team behind the framework was successfully able to release a patch to address the flaw. What makes Spring4Shell vulnerability (CVE-2022-22965) very dangerous is the leverage it
Read More
Linux is found to have yet another severe privilege escalation vulnerability (CVE 2022-0847) in kernel version 5.8 and above. This vulnerability is allowed bad actors to execute malicious code that can act as a host to destructive actions like installing backdoors into the system, injecting code into scripts, and even creating unauthorized user profiles. This
Read More
From Zero to Hero Employees are not limited to the office building like in the old days. The remote working had effects on literally everything. Organizations today need a comprehensive security strategy to manage the complexities of securing the data. From perimeter-based security to Zero trust architecture, we have come a long way. Let us
Read More
While reading on the different types of phishing attacks, recently I came across an interesting article by mr.d0x. His article explores the type of attack called Browser in the Browser (BITB). It is a novel phishing attack that exploits the user by simulating a browser window within a browser to spoof a legitimate domain. In
Read More