#attack Archives - Page 2 of 4 - Alireza Gharib Blog

January 9, 2025

CVE-2024-12854 – “WordPress Garden Gnome Package Plugin Remote Code Execution File Upload Vulnerability”

CVE ID : CVE-2024-12854 Published : Jan. 8, 2025, 10:15 a.m. | 11 hours, 29 minutes ago Description : The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts ‘ggpkg’ files that have been uploaded in all versions up to, and including,…

CVE, Cybersecurity, Cybersecurity awareness, Security, Threat Intelligence

#attack, #author, #cve, #cybersecurity, #file, #remote, #security, #un
January 9, 2025

CVE-2024-12853 – WordPress Modula Image Gallery Remote File Upload Vulnerability

CVE ID : CVE-2024-12853 Published : Jan. 8, 2025, 10:15 a.m. | 11 hours, 29 minutes ago Description : The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 2.11.10. This makes it possible for authenticated…

CVE, Cybersecurity, Cybersecurity awareness, Security, Threat Intelligence

#attack, #author, #cve, #cybersecurity, #file, #remote, #security, #un
January 9, 2025

Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens

Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. KerioControl is a … Read more Published Date: Jan 08, 2025 (2 hours, 48 minutes ago) Vulnerabilities has been mentioned in this article.…

CVE, Cybersecurity, Cybersecurity awareness, Security, Threat Intelligence

#attack, #cve, #cybersecurity, #flaw, #hack, #hacker, #remote, #security
January 9, 2025

12 Months of Fighting Cybercrime & Defending Enterprises | SentinelLABS 2024 Review

From ransomware repurposed for espionage to increased exploitation of cloud platforms, learn about the key trends from SentinelLABS research in 2024. From the convergence of cybercrime and nation-state espionage to the strategic misuse of trusted platforms like Microsoft Azure and SaaS APIs, the cybersecurity landscape has grown more complex than ever in 2024. SentinelLABS has…

#attack, #azure, #bypass, #innovation, #tech
January 9, 2025

The Best, the Worst and the Ugliest in Cybersecurity | 2024 Edition

Before we ring in the New Year, SentinelOne reviews and reflects on some of the most formative cyber news stories that occurred in 2024. It’s almost time to wave goodbye to the year that was 2024, and as we look ahead to 2025 and the challenges that might bring, now is a good time to…

#attack, #author, #bug, #cisa, #cybersecurityadvisory, #fbi, #tech, #volttyphoon
January 9, 2025

Autonomous SOC Is a Journey, Not a Destination | Introducing The Autonomous SOC Maturity Model

Learn about autonomous SOC and how SentinelOne uses a maturity model to frame the shifts it will bring to day-to-day security operations. The autonomous SOC: A well-grounded vision for the future of machine speed, AI-driven cyber defense, or nothing more than a pipe dream? Few concepts in modern security have been as polarizing, with sides…

#attack, #ict, #innovation, #investigation, #secure
January 9, 2025

AWS re:Invent 2024 Highlights | Empowering Customers Through Innovations & Security in Cloud

Learn about the latest technologies and innovations for cloud, container, and data security revealed at AWS re:Invent 2024. Last week marked another action-packed year at AWS re:Invent for the SentinelOne Team. Year after year, a consistent highlight from the event is the strong sense of community it builds with people from different backgrounds, geographies, and…

#attack, #author, #education, #innovation, #tech
January 9, 2025

Cybersecurity 2025 | Preparing for Tomorrow’s Threats, Challenges and Strategic Shifts

Explore SentinelLabs’ take on what 2025 may bring for cybersecurity, including emerging trends and actionable insights. Crystal balls are notoriously fragile, and those who look into them are wise not to become fixated with the shadows cast by their refracted light, yet no business can function without some meaningful sense of what the future might…

#atm, #attack, #author, #cyberattack, #tech
January 9, 2025

SentinelOne Continues to Set the Standard in MITRE ATT&CK® Evaluations | 100% Detection, Zero Delays and 88% Less Noise

SentinelOne achieves 100% detection and zero detection delays in the MITRE ATT&CK® Evaluations: Enterprise 2024. In cybersecurity, speed and accuracy are necessities. Every second counts, and every detection could be the difference between resilience and breach. That’s why SentinelOne takes immense pride in protecting our customers, monitoring trillions of signals annually across organizations from SMBs…

#attack, #flaw, #innovation, #macos, #tech
January 9, 2025

Protecting AI Infrastructures | Introducing SentinelOne’s AI Security Posture Management (AI-SPM)

SentinelOne’s new AI Security Posture Management (AI-SPM) solution helps organizations secure their AI workloads effectively. The widespread adoption of AI introduces unique security considerations. Misconfigurations in AI infrastructure and unsecured APIs can create weaknesses that cybercriminals will exploit. In this blog post, we dive deep into how SentinelOne’s agentless AI Security Posture Management (AI-SPM) solution…

#1632, #attack, #azure, #internet, #secure, #tech

Tag: #attack