Monthly Archives: October 2024

RPKI Insecurity 

Recently, a team of researchers from Germany released a paper outlining the vulnerabilities of Resource Public Key Infrastructure (RPKI), the primary framework used to provide security for the Border Gateway Protocol (BGP) [2]. BGP is used for routing, and it is an alternative to Open Shortest Path First (OSPF). OSPF is generally used for routing …

Continue reading “RPKI Insecurity “

UDP-WG

Hello everybody! I’m proud to announce the completion of my Project: UDP-WG. It’s a heavily documented C++ codebase that implements both the UDP Network Protocol, and the WireGuard VPN protocol. These implementations are used to create the main program, which allows instances to communicate with each other using either of these two protocols! The repository …

Continue reading “UDP-WG”

The XZ Backdoor: A 10.0 CVSS Exploit We Just Barely Avoided

Introduction The beginning of the calendar year is an important time for the Linux Ecosystem, as it sees the release of many important projects and distributions. Perhaps most important is the coordinated release of the prolific GNOME desktop environment, who’s biannual release cycle sees a new version in March and September (1), and the Ubuntu …

Continue reading “The XZ Backdoor: A 10.0 CVSS Exploit We Just Barely Avoided”

Cybercriminals attacked and stole records from BBC pension database

A security breach at the BBC Pension Scheme’s cloud-based service compromised the personal data of around 25,000 members in the last week of May 2024. Read more to know the details. BBC has suffered a major data breach, exposing the personal information of approximately 25,000 current and former employees. The broadcaster has one of the …

Continue reading “Cybercriminals attacked and stole records from BBC pension database”

The Hacking of the Magic Kingdom: Disney’s Data Breach & Network Vulnerabilities Exposure

It appears even the Magic Kingdom is vulnerable in this day and age, where even the strongest data security fortresses are being penetrated. A recent high profile cyberattack that revealed glaring weaknesses in Disney’s corporate network put the famous company in the spotlight. An alarming 1.2TB of confidential data was obtained by a hacker gang …

Continue reading “The Hacking of the Magic Kingdom: Disney’s Data Breach & Network Vulnerabilities Exposure”

The Kaspersky Ban: What It Means for Cybersecurity

For years, whenever I searched for the best antivirus recommendations, Kaspersky always comes up on the list. It seemed like a solid choice. But then came the recent announcement from the U.S. Commerce Department[1] about banning the sale of Kaspersky’s antivirus tools to new customers in the U.S. Suddenly, when I searched for the top …

Continue reading “The Kaspersky Ban: What It Means for Cybersecurity”

Cyberstorm Strikes the Automotive Sector!

“Imagine walking into a dealership and seeing a sales team scramble with paper forms—it’s a surreal reminder of how much we rely on technology to keep the wheels turning.” A Cybersecurity Crisis! Car dealerships in North America experienced a devastating ransomware attack in June 2024, affecting the digital infrastructure they heavily rely on. The result? …

Continue reading “Cyberstorm Strikes the Automotive Sector!”

Understanding the Zimbra Mail Server Remote Command Execution Vulnerability (CVE-2024-45519)

Recently, Zimbra email servers have come under threat due to a critical Remote Command Execution (RCE) vulnerability, identified as CVE-2024-45519. This vulnerability has been actively exploited, prompting urgent warnings from cybersecurity experts and organizations like Proofpoint and HarfangLab. What is CVE-2024-45519? The vulnerability was first reported by HarfangLab’s threat researcher, Ivan Kwiatkowski, on September 27, …

Continue reading “Understanding the Zimbra Mail Server Remote Command Execution Vulnerability (CVE-2024-45519)”

The Fortinet Data Breach: A Deep Dive into the Recent Cybersecurity Incident

Cybersecurity breaches are becoming increasingly common in a world where there is a significant increase in digital infrastructure. Fortinet, a key player that provides cybersecurity solutions, recently faced a security breach. This breach, which took place over a few months, has gained significant attention in the cybersecurity community. What Happened? Early in September 2024, Fortinet …

Continue reading “The Fortinet Data Breach: A Deep Dive into the Recent Cybersecurity Incident”

Powered by UCalgary

The views, information, or opinions expressed on this site are solely those of the individual(s) involved and do not necessarily represent the position of the University of Calgary as an institution.

Website Terms & Conditions | Privacy Policy | Copyright © 2024