Cloudflare urged to clamp down on pirates, counterfeiters
The operators of a “disproportionate” number of websites specialising in online piracy or counterfeiting are routinely abusing content delivery network (CDN) services offered by Cloudflare,…
Month: January 2023
Anonymous & co hit Russian routers
As the Russia-Ukraine conflict escalates, Anonymous affiliates have intensified its attack on Russian cyber infrastructure. The hacker group named the latest attack “Operation Turn Ruzzia…
Indian CERT Issues Critical Alert on Control Web Panel Bug
The Indian Cyber Emergency Response Team (CERT-IN) has issued an alert on a critical vulnerability in Control Web Panel (CWP), the popular free web hosting…
IT Burnout may be Putting Your Organization at Risk
The heavy responsibility of securing organizations against cyber-attacks is overwhelming and weighs heavier on security professionals, recent data shows. In fact, fifty-six percent of team…
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because Horizon3’s will…
Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized Access
Jan 17, 2023Ravie LakshmananCloud Security / Bug Report Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that could…
Claim IR35 reform repeal and U-turn cost the government ‘nothing’ called into question
The financial secretary has come under fire for claiming that no additional costs were incurred as a result of the government announcing a repeal of…
Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. The security…
US government announces third Hack The Pentagon challenge
Ethical hackers and bug bounty hunters invited to test Department of Defense assets The US Department of Defense (DoD) is holding its third annual Hack…
Over 6000 Internet-Exposed Cacti Servers are Unpatched
A significant number of servers that use the Cacti software, and are connected to the internet, have not been updated to fix a security vulnerability…
CloudSEK BeVigil app protects Android users from security risks
CloudSEK launched the BeVigil app to provide users with detailed information about the security and privacy practices of their mobile apps. With the BeVigil App,…
Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware
Jan 17, 2023Ravie LakshmananThreat Response / Malware New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub…