New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer
As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially...
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into...
Go wild: Wildcard support in Rules and a new open-source wildcard crate
Back in 2012, we introduced Page Rules, a pioneering feature that gave Cloudflare users unprecedented control over how...
U.S. charges Karakurt extortion gang’s “cold case” negotiator
A member of the Russian Karakurt ransomware group has been charged in the U.S. for money laundering, wire...
Product Recall: Fantasy Wireless charging pad supplied with a Royal National Institute of Blind People (RNIB) branded accord player (2406-0131)
Source:: UK Gov Product Safety Alerts, Reports and Recalls
Google Cloud Run now allows AI inferencing on Nvidia GPUs
Google Cloud has updated its managed compute service Cloud Run with a new feature that will allow enterprises...
The Facts About Continuous Penetration Testing and Why It’s Important
What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing...
Memory corruption vulnerabilities in Suricata and FreeRDP
As a cybersecurity company, before we release our products, we perform penetration tests on them to make sure...
Dad hacks database to fake death and avoid child support pay
The man, from Kentucky, has been jailed for what a judge in the US called his “cynical” actions....
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild
Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it...
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access
Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit...
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including...
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their...
Cisco Unified Communications Manager Denial of Service Vulnerability
A vulnerability in the SIP call processing function of Cisco Unified Communications Manager (Unified CM) and Cisco Unified...
Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications...
Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote...
Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities
Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker...
Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote...
Man sentenced for hacking state registry to fake his own death
A 39-year old man from Somerset, Kentucky, was sentenced to 81 months in federal prison for identity theft...
Google fixes ninth Chrome zero-day exploited in attacks this year
Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability, the ninth one tagged...