A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. This vulnerability affects the function actionPassOrNotAutoSign of the file /com/esafenet/servlet/service/processsign/AutoSignService.java. The manipulation of the argument UniqueId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Security Links is a curated list of websites for cybersecurity. Find cutting edge information and trends.

LATEST NEWS
thumb
2024-11-18 19:30:00The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think

According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year''s report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects of this report is that over 90% of valid

by The Hacker News

PICKUP

Security - Free source code and tutorials for Software developers and Architects."

Distributed Denial of Secrets (DDoSecrets) is a journalist 501(c)(3) non-profit publishing and archiving leaks, and devoted to the free transmission of data in the public interest.

NEW

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Threat Research team.

Cyber security news about current events and insights for executives, plus news trending now on ransomware, malware, phishing, and other issues executed by hackers.

Free VIN number decoder for any cars.

Welcome to the Social Links OSINT blog! Get handpicked news stories, authentic case studies, and OSINT insights.

CheckMates is the Cyber Security Community that brings Check Point users, experts, and R&D together for freewheeling discussions about Check Point.

RECENTLY ADDED
NEW

Get the latest information, insights, and news from Microsoft.

NEW

IT Security expertise - Penetration tests, Security audits, Code review, Training, Consulting, Vulnerability research

NEW

CryptoBook is a community project, developed by members of CryptoHack to create a resource for people to learn cryptography. The focus of this project is to create a friendly resource for the mathematical fundamentals of cryptography, along with corresponding SageMath implementation.

NEW

Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.

NEW

Read more about how Netskope is enabling security and networking transformation through secure access service edge (SASE).

NEW

Tackle tech challenges together. Join our IT community to connect, share your expertise, get answers, stay up with trends, advance your career, and keep IT fun!

NEW

Sinkholing is a technique whereby a resource used by malicious actors to control malware is taken over and redirected to a benign listener that can (to a varying degree) understand network connections coming from infected devices. This provides visibility of the distribution of infected devices worldwide, as well as protecting victims by preventing botnet command and control (C2) from cybercriminals.

NEW

Stay up-to-date with the latest file extensions being used by attackers.

NEW

Enter a domain or URL into the search engine to view details about its current URL categories. To request recategorization of this website, click Request Change below the search results.

NEW

PoC auto collect from GitHub. Be careful Malware.

NEW

Infosec's favorite weekly newsletter for news, tools, and tips with 18,000+ CISOs, founders, change-makers, and straight up hackers.

NEW