New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer

23/08/2024 0 Comments 0 tags

As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

23/08/2024 0 Comments 0 tags

Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

23/08/2024 0 Comments 0 tags

SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances.

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

23/08/2024 0 Comments 0 tags

Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office

The Facts About Continuous Penetration Testing and Why It’s Important

22/08/2024 0 Comments 0 tags

What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

22/08/2024 0 Comments 0 tags

Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. “Brute-force attacks on Postgres involve repeatedly attempting

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

22/08/2024 0 Comments 0 tags

GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

22/08/2024 0 Comments 0 tags

Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. “The plugin suffers from an unauthenticated

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

22/08/2024 0 Comments 0 tags

Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971,

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

21/08/2024 0 Comments 0 tags

A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed