Tag

security

The Threat Center provides essential updates for organizations to stay informed about security threats, offering actionable intelligence and detailed asset information to help users proactively protect their systems.

Security

Deep Dive: Stored XSS Vulnerability in LiteSpeed Cache Plugin for WordPress (CVE-2024-47374)

An in-depth look at the CVE-2024-47374 vulnerability affecting LiteSpeed Cache plugin for WordPre...

Thu 10 October 2024

Security

Actively Exploited CVE-2022-21445, Deep Dive

The article delves into the technical details of this CVE, its potential impact, and the methods ...

Wed 25 September 2024

Security

Unraveling the VigorConnect Vulnerability: A Journey of Discovery and Correction

The article uncovers an Arbitrary File Read vulnerability in VigorConnect that lets attackers acc...

Thu 12 September 2024

OXO Titan UI encapsulates OXO's capabilities within an accessible interface, democratizing advanced security scanning techniques. This article explores OXO Titan's journey from concept to reality, highlighting its key features and presenting a practical user workflow example.

Discover the comprehensive techniques that are commonly used to bypass 4xx errors. Learn about the various methods used, including HTTP method fuzzing, request header manipulation, parameter tampering, and more.

Latest posts

CVE-2024-5315 Dolibarr SQL Injection Investigation

CVE-2024-5315, an actively exploited Dolibarr SQL Injection with in incorrect patched-in version.

Sun 14 July 2024

iOS TestFlight scan, Slack Integrations and other improvements

This update introduces support for scanning apps using iOS TestFlight, Slack Integrations, support for scanning web apps with an SBOM, and other improvements.

Mon 10 June 2024

Integrations, Dynamic analysis improvements, and a new standard support

This update introduces multiple new integrations with CI/CD pipelines, improvements to dynamic traces interception & analysis, support for the MASVS v2.0.0 standard, and many bug fixes.

Mon 27 May 2024

🚀 OXO v1.0!

OXO version 1.0, is 10x times faster, supports ARM64 architectures, and is packed with improved capabilities like scanning multiple assets, simpler and powerful CLI.

Mon 29 April 2024

Discovering & Monitoring Mobile Applications Attack Surface with Ostorlab

The article introduces Ostorlab Attack Surface Discovery as a solution for discovering and continuously monitoring mobile applications, alleviating the manual burden on security teams. It outlines steps for adding applications to an inventory, configuring monitoring rules, and emphasizes the platform's ability to streamline mobile application security management.

Tue 26 March 2024

Security Landscape of Mobile Banking Applications in North America

This article examines the security of mobile banking applications in North America, uncovering widespread vulnerabilities and the urgent need for enhanced cybersecurity measures. It highlights the fast-paced technological advancements in the sector, alongside challenges such as supply chain vulnerabilities and the adoption of potentially insecure programming practices.

Tue 19 March 2024

Known Exploitable Vulnerabilities: Catching them all

In this article we will Discover essential tools and empirical insights for identifying critical, high-severity, and actively exploitable vulnerabilities sourced from reputable platforms like CISA KEV, Google’s Tsunami, and the innovative Ostorlab’s Asteroid Project.

Wed 10 January 2024

New OWASP Mobile Top 10

Release of new OWASP Mobile Top 10 with improvements, updates and a behind the scenes.

Mon 27 November 2023