Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

The Ultimate Guide to Designing a Logo Online: Tools, Tips, and Tricks

A logo is more than just a visual element—it’s the cornerstone of your brand identity. It communicates your…

HackRead
Open in Source
#web#ios#apple#google#git#auth#ssl
Malicious Ads in Search Results Are Driving New Generations of Scams

The scourge of “malvertising” is nothing new, but the tactic is still so effective that it's contributing to the rise of investment scams and the spread of new strains of malware.

How AI Is Enhancing Security in Ridesharing

Whether it's detecting fraudulent activity, preventing phishing, or protecting sensitive data, AI is transforming cybersecurity in ridesharing.

How Python Software Development Enhances Cyber Defense

Python has emerged as a powerful ally in combating rising cybersecurity threats and tracking cybercrime through tools leveraging…

AmberWolf Launches NachoVPN Tool to Tackle VPN Security Risks

Researchers reveal major vulnerabilities in popular corporate VPN clients, allowing remote attacks. Discover the NachoVPN tool and expert…

Starbucks Shifts to Manual Processes After Contractor Ransomware Attack

Ransomware attack cripples Starbucks operations, forcing the coffee giant to rely on manual processes for employee scheduling and…

Hitachi Energy RTU500 Scripting Interface

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: RTU500 Scripting Interface Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to spoof the identity of the service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Hitachi Energy are affected: RTU500 Scripting Interface: Version 1.0.1.30 RTU500 Scripting Interface: Version 1.0.2 RTU500 Scripting Interface: Version 1.1.1 RTU500 Scripting Interface: Version 1.2.1 RTU500 Scripting Interface: All versions 3.2 Vulnerability Overview 3.2.1 IMPROPER CERTIFICATE VALIDATION CWE-295 Hitachi Energy is aware of a reported vulnerability in the RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a certification authority (CA), allowing the client to va...

GHSA-93ww-43rr-79v3: Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination

A vulnerability was found in Keycloak. Deployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS enabled, are affected. This issue may allow an attacker on the local network to authenticate as any user or client that leverages mTLS as the authentication mechanism.