Through the 4th industrial revolution is in full swing, data security has become more imperative and challenging. Computer Science education has been expanded similarly to different branches like Cybersecurity. In this article, we are going to discuss a tech tool, CTFd.io which is being used extensively in this field as a problem-solving, learning, and assessment platform focusing on information security concepts only. In this particular...
Read More
I. Targeted Software Docker Kubernetes Amazon Web Services (AWS) Microsoft Azure Google Cloud II. Introduction A hacking group referred to as “TeamTNT” has been active within the previous 8 months. In the summer of 2020, security researches identified TeamTNT as the group behind a crypto-mining malware capable of stealing local credentials and Amazon Web Services (AWS) login details.[2] TeamTNT had been targeting Docker and Kubernetes.[2]...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco VPN Routers, themost severe of which could allow for arbitrary code execution as theroot user of an affected device. These VPN routers are often used toconnect hosts via the router hardware as opposed to individualinstallations on each device. Successful exploitation of the most severe of these vulnerabilitiescould allow for arbitrary code execution in the context of the root...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * tvOS is an operating system for the fourth-generation Apple TV digitalmedia player.* watchOS is the mobile operating system for the Apple Watch and isbased on the iOS operating system.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* iOS is a...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in the Google Androidoperating system (OS), the most severe of which could allow for remotecode execution. Android is an operating system developed by Google formobile devices, including, but not limited to, smartphones, tablets, andwatches. Successful exploitation of the most severe of thesevulnerabilities could allow for remote code execution within the contextof a privileged process. Depending on the privileges associated withthis...
Read More
DESCRIPTION:A vulnerability has been discovered in GNU Libgcrypt, which could allowfor arbitrary code execution. Libgcrypt is a generic cryptographiclibrary offered as part of GNU Privacy Guard (GnuPG) software suite toprovide building blocks for carrying out cryptographic tasks such asencrypting and signing data and communications. It is shipped with mostLinux distributions including Ubuntu and Fedora. Successful exploitationof this vulnerability could result in arbitrary code execution in...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * tvOS is an operating system for the fourth-generation Apple TV digitalmedia player.* watchOS is the mobile operating system for the Apple Watch and isbased on the iOS operating system.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* iOS is a...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco’s SD-WAN, DNACenter, and Smart Software Manager Satellite products, the most severeof which could allow for arbitrary code execution with system privileges. * SD-WAN is used for cloud-based network architecture* DNA Center is a management platform for the Digital NetworkArchitecture product* Smart Software Manager is an enterprise product activation key/licensemanager Successful exploitation of the most severe of these vulnerabilitiescould...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
IMPACT:Multiple vulnerabilities have been discovered in Oracle products, whichcould allow for remote code execution. SYSTEM AFFECTED:* Business Intelligence Enterprise Edition, versions 5.5.0.0.0,11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0* Enterprise Manager Base Platform, versions 13.2.1.0, 13.3.0.0, 13.4.0.0* Enterprise Manager for Fusion Applications, version 13.3.0.0* Enterprise Manager Ops Center, version 12.4.0.0* Hyperion Financial Reporting, version 11.1.2.4* Hyperion Infrastructure Technology, version 11.1.2.4* Instantis EnterpriseTrack, versions 17.1-17.3* JD Edwards EnterpriseOne Orchestrator, versions prior to...
Read More
