TARLOGIC's BLOG
Cybersecurity - Page 2

Cybersecurity articles with security analysis and ethical hacking technics information

BlueSpy – Spying on Bluetooth conversations
BlueSpy – Spying on Bluetooth conversations
Jesús María Gómez Moreno

BlueSpy is a proof of concept for exploiting vulnerabilities in Bluetooth headsets and eavesdropping on private conversations The first results following the publication of BSAM, a[...]

Read more
CVE-2023-49785: Vulnerability in NextChat
CVE-2023-49785: Vulnerability in NextChat
S.T.A².R.S Team

CVE-2023-49785 is a critical vulnerability affecting NextChat, an application that provides users with a web interface based on ChatGPT Information has been disclosed about a new c[...]

Read more
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Vulnerabilities
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Vulnerabilities
S.T.A².R.S Team

Vulnerabilities CVE-2024-27198 and CVE-2024-27199 affect TeamCity, a CI/CD management server software owned by JetBrains Two new vulnerabilities have been disclosed recently, which[...]

Read more
CVE-2024-22024: XXE vulnerability disclosed in Ivanti products
CVE-2024-22024: XXE vulnerability disclosed in Ivanti products
S.T.A².R.S Team

CVE-2024-22024 is an XML External Entity (XXE) vulnerability that allows a remote attacker to access internal files CVE-2024-22024, a new high rated vulnerability affecting Ivanti [...]

Read more
CVE-2023-7028: A critical vulnerability affecting GitLab
CVE-2023-7028: A critical vulnerability affecting GitLab
S.T.A².R.S Team

Critical vulnerability CVE-2023-7028 in the open source platform GitLab allows taking control of other users’ accounts A critical vulnerability has been discovered in GitLab,[...]

Read more
Critical vulnerabilities of the ownCloud platform are being exploited in the wild
Critical vulnerabilities of the ownCloud platform are being exploited in the wild
S.T.A².R.S Team

On November 21, 2023, three critical vulnerabilities were made public (CVE-2023-49103, CVE-2023-49104, CVE-2023-49105), affecting several applications of the ownCloud online file s[...]

Read more
CVE-2023-4911: The vulnerability Looney Tunables in GlibC is being actively exploited
CVE-2023-4911: The vulnerability Looney Tunables in GlibC is being actively exploited
S.T.A².R.S Team

On October 3, 2023, Qualys published information about a high-severity local privilege escalation vulnerability in the GNU C Library (glibc), which is widely used on Linux systems.[...]

Read more
CVE-2023-38545: Heap overflow vulnerability in curl (SOCKS 5)
CVE-2023-38545: Heap overflow vulnerability in curl (SOCKS 5)
S.T.A².R.S Team

The vulnerability CVE-2023-38545 affects curl, a command line tool and software library used to transfer data to and from a server On October 11th, 2023 the curl development team h[...]

Read more
CVE-2023-42115: Vulnerabilities without security patch in Exim
CVE-2023-42115: Vulnerabilities without security patch in Exim
S.T.A².R.S Team

Exim has multiple critical vulnerabilities, including CVE-2023-4863, that allow attackers to run code on affected systems without authentication. Multiple vulnerabilities, one of t[...]

Read more
Bluetooth vulnerabilities in smart locks
Bluetooth vulnerabilities in smart locks
Fran Álvarez Wic

Detecting and mitigating Bluetooth vulnerabilities in smart locks is critical to securing these IoT devices A smart lock is an IoT device that facilitates access by opening a door [...]

Read more
1 2 3 4 5 12
Advanced penetration testing services