Weak credentials, unpatched vulnerabilities, malicious OSS packages causing cloud security risks
Threat actors are getting more adept at exploiting common, everyday issues in the cloud, including misconfigurations, weak credentials, lack of authentication, unpatched vulnerabilities, and malicious...
Cloud Security Alerts Take Six Days to Resolve
Palo Alto report warns of an expanding cloud attack surface Read More
LSN-0094-1: Kernel Live Patch Security Notice
Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could...
The classified document leak: let’s talk about Jack Teixeira’s need-to-know
The arrest of 21-year-old Airman First Class Jack Teixeira last week has inspired myriad reactions from armchair pundits declaring 21 is too young to be...
19 startups to check out at RSA Conference 2023
This year’s RSA Conference showcases promising startups from all over the world, many of which are making their first public appearance. Most will be exhibiting...
Conversational Attacks Fastest Growing Mobile Threat
Pig butchering and similar scams could soon be AI-driven Read More
UK’s SMEs to Benefit From New Cyber Advisors
Accredited consultants will drive Cyber Essentials take-up Read More
[CVE-2023-22897] SecurePoint UTM <= 12.2.5 “spcgi.cgi” Remote Memory Contents Information Disclosure
Posted by Julien Ahrens (RCE Security) on Apr 18 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Use...
[CVE-2023-22620] SecurePoint UTM <= 12.2.5 “spcgi.cgi” sessionId Information Disclosure Allowing Device Takeover
Posted by Julien Ahrens (RCE Security) on Apr 18 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Exposure...
Phishing Attacks Surge as Threat Actors Leverage New AI Tools
Large language models like ChatGPT and phishing kits have significantly contributed to the growth of phishing, Zscaler’s 2023 ThreatLabz Phishing Report claims Read More