Netizen Blog and News
The Netizen team sharing expertise, insights and useful information in cybersecurity, compliance, and software assurance.
Category: Application Security
-
Apple has just rolled out a crucial security update for iPhones and iPads in response to the discovery of newly identified vulnerabilities CVE-2023-41064 and CVE-2023-41061 in their system software. These vulnerabilities, also known as “BLASTPASS,” were found by researchers at the University of Toronto’s Citizen Lab, who revealed that the flaw was actively being exploited…
-
With the popularization of generative AI tools like ChatGPT, information has become increasingly easy to retrieve. Ask it anything, and ChatGPT will respond to the best of its ability, modifying itself to your prompt’s specifications as best it can. The more detailed the prompt, the more specific of a response you can get from an…
-
A new cyberattack campaign named “DB#JAMMER” has emerged, specifically targeting exposed Microsoft SQL Server (MSSQL) databases. The implications of this campaign are nothing short of severe, especially for organizations relying on this technology, as DB#JAMMER is no ordinary cyberattack; it’s a well-choreographed assault that employs intricate tactics, including relentless brute-force attacks aimed at breaching MSSQL…
-
Security researchers from Cyfirma recently discovered that over 80,000 Hikvision surveillance cameras are still susceptible to a critical vulnerability that was patched in a security update over 2 years ago. CVE-2021-36260, which was added to the National Vulnerability Database in January of 2022, allows attackers to exploit Hikvision cameras due to their lack of input…
-
Overview: Phish Tale of the Week Phishing attempts can often target specific groups that can be exploited by malicious actors and come in many different forms. In this instance, we see a phishing scam targeting PayPal users with what appears to be a link that’s supposed to “reactivate your account.” PayPal says that our account…
-
Google Dorking leverages search operators to narrow down results. While useful, it can also expose vulnerabilities, as demonstrated by Hamid Firoozi’s breach of a dam’s computer system. To mitigate such risks, conduct security audits, restrict search engine access, and educate your team. Netizen offers cybersecurity solutions to safeguard your digital infrastructure.
-
On December 9th, the greater information security community had its world turned upside down when a newly uncovered zero-day vulnerability was found in Apache’s Java logging library Log4J. Within hours of this news, every major software company was in disaster mode, attempting to determine how their products were affected and how to fix a patch…
-
This past year was one like no other. Masks became the new fashion norm, workers traded office life for remote work, and video meetings became our main vessel for communicating with one another. While the world was busy fighting one issue, another swiftly arose. Cyber crime is on the rise across the globe. According to the F.B.I. in 2020 internet and…
-
Last week, Cisco Systems released the 2018 edition of its Annual Cybersecurity Report (ACR) you can find here. The report, compiled from a survey of 3,600 chief security officers (CSOs) and security operations leaders from across the globe, seeks to highlight emerging threats in the rapidly evolving landscape of cybersecurity. With 53% of all attacks…
-
Artificial intelligence is being incorporated into a range of cyber security products, but the technology may also introduce new threats, a report warns Artificial intelligence (AI) poses a range of threats to cyber, physical and political security, according to a report by 26 UK and US experts and researchers. The Malicious use of artificial intelligence report examines the…
Netizen Blog and News 