Did you hear about RCE vulnerability in @wazuh?
We've done research on it for you to understand what went wrong and how can you make sure you're not affected by it!
Read the blog at https://t.co/vVUUtuevQR
#CyberSecurityAwareness
7. Scan your website often using @_WPScan_ -- It's 100% free I
f you follow these tips, you'll make your WordPress site a lot secure.
If you want to know how these things can actually be done, step-by-step. Watch this video: https://t.co/fLBb27dUyJ
#cybersecuritytips
In our practice, we see a lot of hacked WordPress sites. A LOT!
We've put together a list of actions that you should apply on your WordPress website to ensure it's safe from security breaches.
Thread 🧵👇
1. Keep your WordPress version updated
2. Use strong password & MFA -- NO-BRAINER!
3. Enable auto-updates of plugins
4. Disable file modification in wp-config.php
5. Take regular backups
6. Disable XML-RPC -- Tell us why you need it if it's enabled?
#ApplicationSecurity
We have responsibly reported this security issue to the relevant department, and awaiting their response regarding the fix.
We're thriving to make internet a securer place! #ApplicationSecurity#ResponsibleDisclosure#Cybersecurity
We came across a security issue in one of the Pakistan's law enforcement agency's website 🚩 🎯
Our talented engineer found the vulnerability of Local File Inclusion, that allows the attacker to read any file on the server.
People, AI is not going to make your product do wonders by default.
Use AI wisely and only if required else dont bother adding it at first place.
#PublicServiceMessage#ArtificialIntelligence
@eddiejaoude We came across a client that mentioned following the product requirements:
"Integrate AI as much as possible and use it wherever possible"
AI has become a buzzword and everyone wants to use it without thinking if they even require it at first place or not.
Why being 'Nice' was costing us time and money"
We weren’t getting client feedback on time and it was killing our workflow.
Turns out, being 'nice' was the problem.
I sent this to my team after clients kept delaying feedback.
Here’s how we fixed it…
There can't be a better example to explain the significance of patching your systems, where an unpatched Atlassian Version lead to loss of $1.5 Billion
and hey, it's Patching Tuesday tomorrow, so let's take the initiative to patch before some bad happens
#CybersecurityAwareness
Last week a terrible security breach happened that caused $1.5 billion of theft from Ethereum cold wallet.
(While there was social engineering involved, but that's just one piece of the puzzle)
In a recent post by @The_Cyber_News it has been revealed that...
Thread 🧵👇
in the kill-chain there was exploitation of Atlassian Critical CVE involved.
To start off, attackers compromised CVE-2023-22527 which is a critical server side vulnerability in Atlassian Confluence servers.
Our team member @njmulsqb2 has worked on @zaproxy and fixed the issue of false positive of timestamps on it.
We believe in contributing back to community!
Here's the PR Link: https://t.co/WtxMLb7sIt
#ApplicationSecurity#AppSec#Opensource