SCADA - ICS - IIoT Security Bootcamp
Critical Infrastructure
SecList ICS
Cinterion EHS5 3G UMTS/HSPA Module Research
Threat landscape for industrial automation systems, Q1 2024
Security Magazine
Malware campaign targets Spanish-speaking individuals
Untrained users are the greatest weakness in a cyber defense plan
2024: The year of upticks in cyber warfare
97% of security experts worry about AI-related security incidents
Securing critical infrastructure
EPA reveals most water systems do not meet compliance requirements
Protecting ships from cyber terrorism
Biden administration issues executive order to secure U.S. ports
Cadisha Miceli | Women in Security 2023
CISA MTS Guide may enhance critical infrastructure resilience
DNV appoints Anette Roll Richardsen as Director of Cybersecurity
Fishing vessel cited for electrical hazards and poor sanitation
Data breaches increased throughout 2023
Kristine Raad joins General Motors as Chief Security Officer
A new report discusses emerging global threats
Ransomware threats increased by twofold in 2023
47% of organizations monitored supply chain risks monthly or more
3 ways AI can handle third-party vendor and supplier risk challenges
Case Studies
The 2 am call: Preparing for a government cyberattack
Häfele recovers from ransomware attack with new SASE platform
Ride-hailing company, inDrive, uses new platform to prevent fraud
The Old Spaghetti Factory restaurant chain ups network & physical security
K-8 students learn cybersecurity through gamification
Electric company uses SAP monitoring to bolster cybersecurity
From the stone age to cutting edge: A case study on key management
Challenges with mobile apps as a safety solution in K-12 schools
Michigan school district deploys AI gun detection, intelligent situational awareness platform
Murray Community School District deploys gun detection technology
Virginia public school district deploys AI gun detection platform
Michigan school district adopts new gun detection technology
News
Exploits
[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation
[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection
[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection
[webapps] Microweber 2.0.15 - Stored XSS
[webapps] Customer Support System 1.0 - Stored XSS
[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition
[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
[webapps] Boelter Blue System Management 1.3 - SQL Injection
[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)
[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)
[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
[webapps] XMB 1.9.12.06 - Stored XSS
[webapps] Carbon Forum 5.9.0 - Stored XSS
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)
[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)
[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)
[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)
[webapps] Dotclear 2.29 - Remote Code Execution (RCE)
[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)
[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)
[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)
[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)
[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)
[webapps] Aquatronica Control System 5.1.6 - Information Disclosure
[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)
[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)
[webapps] iMLog < 1.307 - Persistent Cross Site Scripting (XSS)
[webapps] BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection
[webapps] htmlLawed 1.2.5 - Remote Code Execution (RCE)
[webapps] PopojiCMS 2.0.1 - Remote Command Execution (RCE)
[webapps] Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)
[webapps] Apache OFBiz 18.12.12 - Directory Traversal
[webapps] Wordpress Theme XStore 9.3.8 - SQLi
[webapps] Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)
[webapps] Prison Management System - SQL Injection Authentication Bypass
[webapps] PyroCMS v3.0.1 - Stored XSS
[webapps] CE Phoenix Version 1.0.8.20 - Stored XSS
[webapps] Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)
[webapps] Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)
[remote] CrushFTP < 11.1.0 - Directory Traversal
[local] Plantronics Hub 3.25.1 - Arbitrary File Read
[webapps] Apache mod_proxy_cluster - Stored XSS
Last 20 Website Defacements - Zone-h
Advisories