Nagios-compatible systems are some of the most widely used infrastructure monitoring solutions. They use “plugins” to monitor server performance, with “Nagios Core” interpreting results. However, there’s a potentially significant security issue with Nagios…

Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We…

When software is introduced as the solution used by “Enterprises and Governments”, it is almost rude of us not to engage further and see how terrifying everything becomes.

One of our key missions at watchTowr is to review large amounts of data and extract…

[update 09.10.2023] In this update, I will share how to extend the signal of Android nRF Connect app that can send pairing messages, demonstrate AppleJuice on the latest iOS 17, show which specific advertisement packet can trigger pop-ups from up to 50 meters…

BugProve uncovers seven pre-authentication remote code execution flaws and 26 post-authentication code execution vectors in Zavio IP cameras. Despite repeated warnings, Zavio remained unresponsive, necessitating intervention from CISA.

Guest Post: Examining the history of password security and how it's shaping the future.

Cybercriminals are abusing Advanced Installer, a legitimate Windows tool used for creating software packages, to drop cryptocurrency-mining malware including PhoenixMiner and lolMiner on infected machines.

Rust is a programming language guaranteeing memory and thread safety while still being able to access raw memory and hardware. This sounds impossible, and it is, that’s why Rust has an unsafe keywo…

By Oleg Zaytsev (Guardio Labs)

An important tool in a threat hunter's tool belt.

Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files - GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' publ...

HijackLoader | Learn its tactics, evasion techniques, and modular architecture in our in-depth analysis.

New research shows that employees access sensitive data on personal devices–
often to get around security.

Explore the growing threat of insider attacks in the realm of cybersecurity. From defining what constitutes an insider threat, its various types, to strategies for mitigating such risks, this comprehensive guide covers all aspects of this pressing issue.…

Cloud Security Explained for Businesses- How it Plays a Pivotal Role in Ensuring the Confidentiality, of Your Company Data

XWiki is an open-source knowledge repository which is primarily meant for enterprise use, i.e. intra-company knowledge storage and sharing. As per its website, XWiki is a "second generation" wiki,...

Identify and harden your External Security Posture with the leader. Let us manage time-consuming tasks and focus on remediation