North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and...
Organizations in the food sector are now also targeted in business email compromise (BEC) attacks that aim to steal entire shipments of food, according to a...
Colombian energy company Empresas Públicas de Medellín (EPM) suffered a BlackCat/ALPHV ransomware attack on Monday, disrupting the company’s operations and taking down online services. EPM is...
The Centers for Medicare and Medicaid said the breach involved a subcontractor that appears to have violated its obligations to the agency. Personal data including bank...
Our second web security roundup begins with news that a brace of network security flaws in products from Fortinet and Citrix have each come under active attack. These attacks were...
In DDoS Protection, Gcore uses the bundle of XDP and regular expressions (regex). This article will explain why Gcore started using this solution (regex in XDP) and how...
Social media analytics platform Social Blade has confirmed they suffered a data breach after its database was breached and put up for sale on a hacking...
A cybersecurity specialist from the watchdog is ready to dive into related policy implications, but says work on agencies’ implementation is the more immediate concern. Organizations...
A dangerous bug in Cacti, the RRDTool frontend and performance/fault management framework, potentially allowed attackers to run arbitrary PHP commands on the server. Cacti is a popular...
A researcher has disclosed a technique that bypassed Akamai web application firewalls (WAF) running Spring Boot, potentially leading to remote code execution (RCE). Akamai’s WAF, which was...
Bug bounty hunters are increasingly unearthing cloud-based vulnerabilities as organizations undergo ‘digital transformation’, a new report has found. Researchers have uncovered more than 65,000 software vulnerabilities...
Recent Comments