A high-risk bug in the Gatsby Cloud Image CDN service allowed attackers to stage server-side request forgery (SSRF) and cross-site scripting (XSS) attacks against some cloud-hosted Gatsby websites. Gatsby is...
Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers. Named CosMiss, the security...
The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and HTTPS connections. The vulnerabilities (CVE-2022-3602 and CVE-2022-3786) affect OpenSSL...
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in...
The analyzed ransomware variants—from July to December 2021—amounted to millions of dollars in damages. A new analysis from the Department of Justice’s Financial Crimes Enforcement Network reveals that...
A much-anticipated security update from OpenSSL landed today (November 1) but its impact appears to be considerably less than developers initially feared. OpenSSL 3.0.7 tackles two vulnerabilities...
Last month two Italian security researchers revealed they had netted more than $46,000 in bug bounties after discovering a misconfiguration vulnerability in Akamai – despite receiving nothing from Akamai itself....
Netwrix announced additional findings for the healthcare sector from its global 2022 Cloud Security Report, revealing that 61% of respondents in the healthcare industry suffered a...
In this interview for Help Net Security, James Turgal, VP of Cyber Risk, Strategy and Board Relations at Optiv, talks about election cybersecurity and how to keep elections and...
As cyberattacks have grown increasingly destructive, nations are entertaining the idea of responding to them with conventional military forces. It is difficult to determine how serious...