News • Insights • Analysis
By Ross Moore Buckets, Containers, and Blobs – Oh, My! 2 common sources of data leaks are buckets and containers. GrayhatWarfare – one of several services dedicated to scanning for public-facing buckets – has a “database of 416712 buckets, Read More …
The Philippine military is creating a cyber command to improve defences against almost daily cyber attacks and will relax recruitment rules to ensure it can attract online experts, the chief of the armed forces said on Thursday. Several government agencies, Read More …
On Oct. 10, 2023, Citrix released a security bulletin for a sensitive information disclosure vulnerability (CVE-2023-4966) impacting NetScaler ADC and NetScaler Gateway appliances. Mandiant has identified zero-day exploitation of this vulnerability in the wild beginning in late August 2023. Successful Read More …
China has set up a professional committee focusing on governance of artificial intelligence (AI) security in a bid to build a sustained foundation for the sound development of the emerging industry, according to the country’s cyber security association. On Thursday, Read More …
Microsoft Threat Intelligence has revealed that it has been tracking the active exploitation of a vulnerability in Atlassian Confluence software since September 14, 2023. At the time the attacks were first observed the vulnerability was a zero-day, meaning that no Read More …
CISA released nineteen Industrial Control Systems (ICS) advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCALANCE W1750D ICSA-23-285-03 Siemens SICAM A8000 Devices Read More …
Based on incidents analyzed by Microsoft, it can take only a single hop from the attacker’s initial access vector to compromise domain admin-level accounts. For instance, an attacker can target an over-privileged service account configured in an outdated and vulnerable Read More …
In an era defined by interconnectedness and digital transformation, the role of cybersecurity in modern maritime warfare has grown. The maritime domain is increasingly vulnerable to cyber threats which can have serious consequences to national security. Cybersecurity is no longer Read More …
On September 18, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) announced that its Known Exploited Vulnerabilities (KEV) catalog has reached the milestone of covering more than 1,000 vulnerabilities since its launch in November 2021. This may seem like a Read More …
A number of Google services and Cloud customers have been targeted with a novel HTTP/2-based DDoS attack which peaked in August. These attacks were significantly larger than any previously-reported Layer 7 attacks, with the largest attack surpassing 398 million requests Read More …
