New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer
As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to […]
news
news
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems
news
Go wild: Wildcard support in Rules and a new open-source wildcard crate
Back in 2012, we introduced Page Rules, a pioneering feature that gave Cloudflare users unprecedented control over how their web
news
U.S. charges Karakurt extortion gang’s “cold case” negotiator
A member of the Russian Karakurt ransomware group has been charged in the U.S. for money laundering, wire fraud, and
news
Product Recall: Fantasy Wireless charging pad supplied with a Royal National Institute of Blind People (RNIB) branded accord player (2406-0131)
Source:: UK Gov Product Safety Alerts, Reports and Recalls
news
Google Cloud Run now allows AI inferencing on Nvidia GPUs
Google Cloud has updated its managed compute service Cloud Run with a new feature that will allow enterprises to run
news
The Facts About Continuous Penetration Testing and Why It’s Important
What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is
news
Memory corruption vulnerabilities in Suricata and FreeRDP
As a cybersecurity company, before we release our products, we perform penetration tests on them to make sure they are
news
Dad hacks database to fake death and avoid child support pay
The man, from Kentucky, has been jailed for what a judge in the US called his “cynical” actions. Source:: BBC
news
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild
Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has
news
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access
Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users
news
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical
news
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their way into
news
Cisco Unified Communications Manager Denial of Service Vulnerability
A vulnerability in the SIP call processing function of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager
news
Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session
news
Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to
news
Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities
Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct
news
Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to
news
Man sentenced for hacking state registry to fake his own death
A 39-year old man from Somerset, Kentucky, was sentenced to 81 months in federal prison for identity theft and faking
news
Google fixes ninth Chrome zero-day exploited in attacks this year
Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability, the ninth one tagged as exploited