News and Articles
Netizen (/ˈne-tə-zən/): A member of the Internet community, a.k.a. "net citizen", that seeks to improve it.
Recent PostsRSS Feed:
MITRE Corporation Faces Significant Cybersecurity Breach Through Ivanti Vulnerabilities
Posted on 22 Apr 2024
The MITRE Corporation, known for its cybersecurity research, faced a major breach due to Ivanti Connect Secure gateway vulnerabilities. Attackers exploited zero-day flaws, bypassing security measures and gaining deep access for three months. MITRE responded swiftly, but the incident highlights ongoing cybersecurity vulnerabilities. The breach reveals strategic targeting of U.S. institutions, echoing similar incidents in the sector. ...
Detailed Analysis of Penetration Testing and Vulnerability Assessments in Organizational Security Protocols
Posted on 20 Apr 2024
Organizations enhance their information security with Penetration Testing (Pen Testing) and Vulnerability Assessments (VAs). VAs identify and rank vulnerabilities, aiding in prioritizing remediation. VM goes beyond VAs, involving asset discovery, consistent scanning, patch management, and risk assessment. On the other hand, Pen Testing actively exploits vulnerabilities to assess potential damage. Netizen offers comprehensive security solutions including VAs, Pen Testing, compliance support, and automated assessment tools. ...
Invasive Data Scraping Service “Spy Pet” Sells Discord User Data for as Low as $5
Posted on 18 Apr 2024
A data scraping service known as Spy Pet has sparked privacy concerns by selling extensive user data from Discord. With a claimed 600 million user database, Spy Pet offers user profiles and activity details for a minimal fee. Discord is actively investigating the matter. The incident emphasizes the need for clearer regulations protecting user privacy. ...
Telegram Responds to Python Script Execution Vulnerability in Windows App
Posted on 17 Apr 2024
Telegram addressed a critical security issue in its Windows desktop app, debunking initial rumors of a zero-click flaw. After a typo in the code enabled Python scripts to run without warning, exploiters disguised them as videos. Telegram swiftly fixed the issue and plans to enhance security for future versions. ...
Analysis of CVE-2024-31497: Biased ECDSA Nonce Generation in PuTTY
Posted on 16 Apr 2024
CVE-2024-31497 is a critical vulnerability in PuTTY SSH client versions 0.68 to 0.80, allowing recovery of a user's private key due to biased nonce generation. Attackers can exploit this, posing serious threats. Several applications are also affected. Users must upgrade, revoke vulnerable keys, and update dependent applications to mitigate the risk and prevent breaches. ...
Palo Alto Networks Acts on Zero-Day Vulnerability in PAN-OS Firewalls
Posted on 16 Apr 2024
Palo Alto Networks has released critical updates to fix a zero-day vulnerability (CVE-2024-3400) in its firewall operating system PAN-OS. The flaw allows unauthenticated attackers to gain root access through command injection in the GlobalProtect gateway/portal. Hotfixes are available, and customers are advised to apply mitigation measures. The U.S. CISA has also mandated actions to address the vulnerability. ...
The Loop DoS Attack: A New Threat to UDP-Based Protocols
Posted on 10 Apr 2024
A new "Loop DoS" attack exploits UDP-based application-layer protocols, potentially affecting thousands of systems. It involves servers engaging in continuous communication, depleting their resources and rendering them unresponsive. Despite no reported real-world instances, an estimated 300,000 hosts could be exploited. Initiatives like BCP38 filtering spoofed traffic aim to mitigate risks. ...
Sequence of Events and Strategic Overview of the XZ Compression Library Backdoor
Posted on 10 Apr 2024
The XZ Compression Backdoor Timeline details a supply chain attack on the xz compression library by "Jia Tan," who gained trust and eventually inserted a backdoor, affecting systems using the library. The attack was detected in March 2024, prompting industry response and highlighting vulnerabilities in open source supply chain security. ...
Ransomware Attack Triggers Panera Bread’s Nationwide IT Outage
Posted on 05 Apr 2024
In March 2024, Panera Bread faced a ransomware attack causing disruptions to IT systems and services. Online and in-store operations were affected, prompting the company to seek customer patience and resort to cash transactions. The attack's timing suggests calculated planning, reflecting a trend of cyberattacks on the food service industry. ...
The HTTP/2 Continuation Flood: A New Era of Denial-of-Service Threats Emerges
Posted on 04 Apr 2024
Cybersecurity expert Bartek Nowotarski revealed a new denial-of-service (DoS) attack strategy, the HTTP/2 Continuation Flood, posing a severe threat to organizations. Numerous vulnerabilities within HTTP/2 implementations have been identified, each with distinct CVE identifiers, presenting a range of DoS exploits. Immediate assessment, patching, enhanced monitoring, collaboration and sharing, and vendor communication are essential for protection. ...
Press Releases view more
- 01 Apr 2024: NETIZEN: MARCH VULNERABILITY REVIEW
- 27 Mar 2024: U.S. JUSTICE DEPARTMENT INDICTS SEVEN IN CONNECTION TO CHINESE APT31 HACKING GROUP
- 21 Mar 2024: WINDOWS SERVER MARCH 2024 UPDATES TRIGGER DOMAIN CONTROLLER CRASHES
- 29 Feb 2024: NETIZEN: FEBRUARY VULNERABILITY REVIEW
- 21 Feb 2024: LOCKBIT RANSOMWARE NETWORK COMPROMISED BY NCA IN INTERNATIONAL CYBER OPERATION
- 05 Feb 2024: CLOROX’S AUGUST 2023 CYBERATTACK: A $49 MILLION UPDATE
- 31 Jan 2024: NETIZEN: JANUARY VULNERABILITY REVIEW
- 22 Nov 2023: NETIZEN TO ATTEND 2023 CDCA EASTERN DEFENSE SUMMIT
- 27 Mar 2023: NETIZEN CEO NAMED FOR A THIRD YEAR TO THE “POWER 100” LIST OF THE MOST INFLUENTIAL PEOPLE IN THE LEHIGH VALLEY
- 07 Mar 2023: NETIZEN HIRES JOE CARR AS DIRECTOR OF CYBERSECURITY
- 28 Nov 2022: NETIZEN EARNS 5TH CONSECUTIVE FEDERAL AWARD FOR MILITARY VETERAN HIRING AND SUPPORT
- 10 Nov 2021: NETIZEN CORPORATION AWARDED HIRE VETS PLATINUM MEDALION FOR THE 4TH YEAR IN A ROW.
- 30 Jun 2021: NETIZEN AWARDED STATE-WIDE CYBERSECURITY CONTRACT FOR COMMONWEALTH OF MASSACHUSETTS
- 22 Jun 2021: NETIZEN APPRAISED AT CMMI® MATURITY LEVEL 3
- 29 Mar 2021: NETIZEN CEO NAMED TO THE “POWER 100” LIST OF THE MOST INFLUENTIAL PEOPLE IN THE LEHIGH VALLEY
- 16 Mar 2021: NETIZEN PART OF TEAM AWARDED $75M DEPARTMENT OF VETERANS AFFAIRS COMMUNITY CARE SUPPORT CONTRACT
- 05 Jan 2021: NETIZEN HIRES AKHIL HANDA AS CHIEF OPERATING OFFICER AND OTHER TEAM NEWS
- 10 Dec 2020: NETIZEN NAMED ONE OF THE NATION’S FASTEST-GROWING VETERAN OWNED BUSINESSES FOR 2ND YEAR IN A ROW
- 13 Oct 2020: NETIZEN NAMED A 2020 'GAME CHANGER'
- 12 Aug 2020: NETIZEN RANKS NO. 184 ON THE INC. 5000 LIST OF AMERICA’S FASTEST GROWING COMPANIES WITH 2,222% GROWTH
- 04 Jun 2020: NETIZEN AWARDED $9.2M U.S. ARMY CYBERSECURITY CONTRACT
- 07 Jan 2020: NETIZEN NAMED THE SECOND-FASTEST-GROWING VETERAN OWNED BUSINESS IN THE NATION
- 07 Nov 2019: NETIZEN RECEIVES AWARD FROM U.S. DEPARTMENT OF LABOR FOR VETERAN EMPLOYMENT INITIATIVES
- 13 Sep 2019: NETIZEN EARNS ISO 9001 QUALITY MANAGEMENT CERTIFICATION
- 15 Aug 2019: INC. MAGAZINE RANKS NETIZEN AS AMERICA’S FASTEST GROWING CYBER SECURITY COMPANY
- 18 Jun 2019: NETIZEN AWARDED $845,000 U.S. ARMY CYBER SECURITY ENGINEERING CONTRACT
- 16 May 2019: NETIZEN NAMED A NATIONAL ‘BEST WORKPLACE’ BY INC. MAGAZINE
- 27 Feb 2019: NETIZEN AUTOSTIG SOFTWARE RECOGNIZED BY FEDHEALTHIT MAGAZINE
- 23 Jan 2019: U.S. ARMY AWARDS NETIZEN $4.8M CYBER SECURITY CONTRACT
- 18 Dec 2018: NETIZEN AWARDED U.S. NAVY SEAPORT NEXTGEN (NXG) CONTRACT WITH $52.5B CEILING VALUE
- 12 Dec 2018: NETIZEN WINS CHARLESTON DEFENSE SUMMIT INNOVATION SPOTLIGHT AWARD FOR CYBERSECURE PLATFORM
- 11 Oct 2018: NETIZEN RECEIVES FEDERAL RECOGNITION FOR VETERAN HIRING
- 14 Sep 2018: NETIZEN PROVIDING COLLEGE SCHOLARSHIPS FOR VETERANS
- 07 Aug 2018: NETIZEN NAMED VETERAN-OWNED BUSINESS OF THE YEAR BY GREATER LEHIGH VALLEY CHAMBER OF COMMERCE
Twitter Feed
News and Updates
Get in Touch
Telephone: 1-844-NETIZEN
Email: Team (at) Netizen.net
Office Locations:
Allentown, PA (Headquarters)
Arlington, VA (DC Region)
Charleston, SC (Southeast Region)