Author: HackWatchit
Authors: Pranali Phadtare, Soummya Kulkarni, Shruthi Shunmugom M. About Us: IBM PTC is a proficient internal Security Test Team responsible for vulnerability assessment & ethical hacking of web, mobile applications & infrastructure. Abstract: HTTP/2 is an upgraded version of the HTTP 1.1 protocol. HTTP/2 provides various considerable refinements in terms of performance by addressing the prominent issues with HTTP/1.1 protocol. These refinements seem to have incidental impact in terms of security. This article tries to elucidate various functionalities of HTTP/2 and also explains web application related vulnerabilities of HTTP/2, such as Denial of Service attacks and downgrading vulnerabilities. Introduction to HTTP Protocol HyperText…
Progress Software fixed multiple high-severity LoadMaster flaws Pierluigi Paganini February 11, 2025 Progress Software fixed multiple vulnerabilities in its LoadMaster software, which could be exploited to execute arbitrary system commands. Progress Software has addressed multiple high-severity security vulnerabilities (CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, CVE-2024-56135) in its LoadMaster software. Progress Software’s LoadMaster is a high-performance load balancer and application delivery controller (ADC) designed to optimize the availability, security, and performance of web applications and services. It helps distribute network traffic efficiently across multiple servers to ensure reliability and scalability. Below are the descriptions of these vulnerabilities: CVE-2024-56131 (CVSS scores: 8.4) is an Improper input…
The Theory behind WiFi Jamming in the RF Spectrum You might have seen several WiFi jamming devices on Chinese sites such as Aliexpress, Wish, or Alibaba. However, signal jammers are very different from WiFi deauthers, since the first one creates a lot of signal interference in the RF spectrum while the other one basically injects forged frames to disconnect the WiFi clients from the WiFi router or access point. So what is a Jammer? Image 1: Example of Signal Jammers In a nutshell: A WiFi jammer is a device that creates a lot of random noise to prevent communication on…
Threat analysts have identified a new and emerging threat: a variant of the SystemBC RAT (Remote Access Trojan) that is now actively targeting Linux-based platforms. This development puts corporate networks, cloud infrastructures, and IoT devices at risk. The latest version of SystemBC RAT is more stealthy and harder to detect, using encrypted communication to stay hidden while letting attackers move freely through compromised systems. SystemBC RAT: From Windows to Linux SystemBC is a Remote Access Trojan (RAT) commonly used in cyberattacks to provide attackers with remote control over infected systems. Initially a Windows-only threat, it has now expanded to Linux,…
Cisco has refuted claims of a recent data breach after the Kraken ransomware group published sensitive information, allegedly stolen from the company’s internal network, on its dark web leak site. Cyber Press reported on the ransomware group’s claims, which included the exposure of credentials linked to Cisco’s Windows Active Directory environment. According to the report, the leaked dataset contained usernames and their associated domains, unique relative identifiers (RIDs) for each user account, and hashed representations of passwords (NTLM hashes). The compromised accounts include privileged administrator accounts, regular user accounts, service and machine accounts linked to domain controllers, and the crucial Kerberos…
Wired reported this week that a 19-year-old working for Elon Musk‘s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the DOGE teen is a former denizen of ‘The Com,’ an archipelago of Discord and Telegram chat channels that function as a kind of distributed cybercriminal social network for facilitating instant collaboration. Since President Trump’s second inauguration, Musk’s DOGE team has gained access to a truly staggering amount of personal…
Ever since the pandemic, remote work isn’t just some trend. It’s a very real possibility for most jobseekers out there. But before you dive into your search, remember, you’ll need more than just Wi-Fi and a laptop — think self-discipline, communication skills, and adaptability. This article will give you the resources to find remote job opportunities, plus: 3 career coach-vetted tips to find and prepare for remote work; How to evaluate offers and build a long-term remote career; How to build your online presence, resume, and crush remote interviews to land the jobs you want. How Does Remote Work Really…
Testing the DeepSeek-R1 Model: A Pandora’s Box of Security Risks In just a couple weeks, DeepSeek has shaken the AI world, stirring both excitement and controversy. In previous blogs we covered its rapid rise, highlighting issues like dramatic savings claims, IP theft allegations, and questioned whether DeepSeek was too good to be true. Now the AppSOC Research Team has taken the next step, doing in-depth security scanning of the DeepSeek-R1 model using our AI Security Platform. The findings reveal significant risks that enterprises cannot afford to ignore. This blog outlines the security flaws uncovered during testing and demonstrates how our…
Further Considerations in Government and Defense 9. Defense Spending and Budget Priorities Governments around the world are grappling with how to allocate their defense budgets, balancing national security needs with the pressures of public welfare, economic stability, and social priorities. Defense spending is a significant part of national budgets, and decisions on how to allocate resources can have long-term effects on a country’s defense posture. Defense Budget Challenges The Role of Military-Industrial Complexes 10. Artificial Intelligence, Ethics, and Autonomous Weapons The intersection of artificial intelligence (AI) and defense is one of the most contentious areas of modern warfare. As AI continues to…