Blogs

On 19th, September 2023, a critical vulnerability designated CVE-2023-41179 was recently disclosed in Trend Micro’s flagship endpoint security solutions Apex One and Worry-Free Business Security. This critical flaw is an arbitrary code execution vulnerability located in a third-party antivirus uninstaller module bundled with the products. With a severity score of 9.1 out of 10 on the CVSS scale, CVE-2023-41179 allows attackers to remotely execute malicious code and commands on affected systems. Successful exploitation grants elevated system-level privileges to compromise vulnerable servers and endpoints completely. Even more concerning, Trend Micro has confirmed active exploitation of this vulnerability in the wild. Threat actors are already weaponizing CVE-2023-41179 to target organizations that have not yet patched the flaw. In this blog post, will provide in-depth analysis of CVE-2023-41179, outline affected Trend Micro versions, discuss remediation,…

Offensive Security released its third release of this year, which is also the second release after its 10th-anniversary release (Kali Linux Purple) on 13th March 2023. Offensive Security officially announced the release of Kali Linux 2023.3 on 23rd Aug, 2023. Offensive Security itself said that this is not a release with massive improvements with a lot of updates. However, that doesn’t mean that it is not worth to skip this upgrade.  2023.3 brings welcome upgrades like architectural improvements for stability, Kali Autopilot enhancements, and new hacking tools to amplify your pen-testing capabilities. We created this post to make it easy for our thesecmaster.com readers to know more about what is new in Kali Linux 2023.2, why you should upgrade Kali Linux to 2023.3, and finally, how to upgrade Kali Linux to 2023.3 from an older release.…

In today’s digital world, data is one of the most valuable assets for individuals and organizations. As such, it is crucial to implement proper security measures to protect sensitive information stored on devices. However, we often fail to do so, especially with our personal computers. The reason could be simple: sophisticated security tools are not budget-friendly, and open-source tools, which come for no extra cost, would need more technical knowledge to set up. Anyways, that’s a different debate. One common yet effective security technique to overcome is to configure pre-installed software to work as a security tools. To support this, we have this blog post that helps you turn a multimedia framework, FFmpeg, into a security tool that detects and responds to unauthorized login attempts. In this post, we will…

I was super excited when I got my new Apple Magic Mouse 2 to pair with my MacBook Pro. I had heard great things about how seamless and smooth the Magic Mouse experience was. However, I have to admit I was pretty disappointed at first. The mouse felt sluggish and slow compared to what I was used to on a Windows machine. No matter how I adjusted the tracking speed in System Preferences, it still felt like moving through molasses. The movement was choppy and imprecise – not what I expected from Apple! After some googling, I realized I wasn’t alone in my frustration. Lots of Mac users have experienced this problem and complained about the Magic Mouse feeling delayed and laggy. But there is a simple fix that makes…

The Raspberry Pi Foundation has announced the release of the Raspberry Pi 5 on 28th September 2023, the latest model in their line of single-board computers. In this post, we’ll take an in-depth first look at the key new features of the Raspberry Pi 5 based on the product brief released by Raspberry Pi. The Raspberry Pi 5 is expected to be available for purchase starting in late October 2023. Pre-orders are already open at some retailers like Adafruit, SparkFun, Micro Center, and more. The 4GB variant is priced at $60 while the 8GB version costs $80 before taxes. Creator: Raspberry Pi Foundation Throughout this post, we’ll explore all the new capabilities and upgrades introduced in the Raspberry Pi 5 over prior generations. We’ll compare the Pi 5 to the popular Raspberry Pi 4 Model…

Metasploit Framework is one of the most popular open-source penetration testing tools used by ethical hackers and cybersecurity professionals. It provides an easy way to find and exploit vulnerabilities on networks and systems. However, like any software, Metasploit needs to be updated regularly to take advantage of the latest exploits, payloads, evasion modules, and other enhancements. Unfortunately, the Metasploit updates are not always available in the standard Kali Linux repositories. So if you rely on the default apt update and apt upgrade commands, you may not have the most recent Metasploit version. In this blog post, we will show you how to easily upgrade Metasploit on Kali Linux directly from the Metasploit repository. This ensures you are running the latest and greatest version with all the newest features. A Short Introduction to Metasploit Framework Metasploit Framework is…

Security researcher Stefan Schiller from Sonar recently disclosed a critical security vulnerability in OpenRefine that allows unauthenticated attackers to execute arbitrary code on the user’s machine. Sonar published details on this vulnerability on Sep 28, 2023, upon the release of a patch to the flaw. The vulnerability tracked as CVE-2023-37476 has a CVSS score of 7.8, making it high in severity. Sonar shared in its blog that it caught this vulnerability as part of its continued efforts to scan open-source projects for security vulnerabilities using SonarCloud, a free code analysis product for open-source projects. In this blog post, we covered what this Zip Slip vulnerability is, provided background on OpenRefine, summarized the vulnerability, outlined the affected versions, and, most importantly – explained how to fix CVE-2023-37476, a Zip Slip Vulnerability in OpenRefine.…

Imagine the heights you can reach with the Raspberry Pi 4 8GB Starter Kit – 128GB Edition! This incredible tech pack comes fully loaded with a Raspberry Pi 4 8GB Model B, featuring a 1.5GHz 64-bit quad-core CPU (8GB RAM). The kit also boasts a highly efficient Raspberry Pi 4B case that contains a supremely quiet 40mm PWM fan and four heat sinks, ensuring your device maintains excellent heat distribution. You also get a perfectly stable 5V 3.6A Type C Power Supply sporting an ON/OFF switch for your convenience, along with TUV and RoHS certifications guaranteeing professional standards. A huge bonus is the 128GB High Speed Class 10 Card that comes with a Card Reader, ensuring compatibility with all versions of Raspberry Pi. And on top of all that, your package…

Microsoft recently announced the general availability of Microsoft Copilot, its AI-powered digital assistant. Copilot aims to boost productivity by helping users complete tasks, generate content, and get insights across applications and devices. Copilot is currently available in different forms across Microsoft 365, Bing, Windows 11, and Edge. While it was initially limited to select testers, Microsoft has now started rolling out Copilot more broadly. So how do you get Copilot on your Windows 11 device? Let’s take a look at what Copilot is, its availability, pricing, and how to enable it on Windows 11. Microsoft first previewed Copilot at its Build developer conference earlier this year. It showed how Copilot can work alongside Office apps like Word, Outlook, and Excel to help users write emails, generate summaries, and analyze data.…

Apple recently released iOS 17.0.3 and iPadOS 17.0.3 to address two critical vulnerabilities, CVE-2023-42824 and CVE-2023-5217, that could allow malicious actors to execute arbitrary code on affected devices. These flaws affect various iPhone and iPad models and could be exploited if a user visits a malicious website or is targeted by specially crafted web content. To protect your Apple devices, it is essential to apply the latest updates as soon as possible to ensure your devices are protected against potential attacks leveraging these vulnerabilities. We published this blog post to provide an overview of the vulnerabilities Apple devices impacted, and educate thesecmaster.com users on keeping your devices secure. before we jump into the topic of discussion, let us see a short introduction about WebRTC since these flaws stemmed from the Kernel and…