Skip to content
cyber attacks Page 42

cyber attacks

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

Aug 22, 2024Ravie LakshmananHardware Security / Supply Chain Attack Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open… 

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Aug 22, 2024Ravie LakshmananNetwork Security / Zero-Day Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance… 

New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer

New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer

Aug 22, 2024Ravie LakshmananCloud Security / Application Security As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them… 

The Facts About Continuous Penetration Testing and Why It’s Important

The Facts About Continuous Penetration Testing and Why It’s Important

What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of… 

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

Aug 22, 2024Ravie LakshmananWebsite Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. “The plugin suffers from… 

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

Aug 22, 2024Ravie LakshmananEnterprise Software / Vulnerability GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site… 

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

Aug 22, 2024Ravie LakshmananDatabase Security / Cryptocurrency Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. “Brute-force attacks on Postgres involve… 

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Aug 21, 2024Ravie LakshmananSoftware Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft’s Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability…