Security
Headlines
HeadlinesLatestCVEs

Tag

#ddos

RubyGems Makes Multi-Factor Authentication Mandatory for Top Package Maintainers

RubyGems, the official package manager for the Ruby programming language, has become the latest platform to mandate multi-factor authentication (MFA) for popular package maintainers, following the footsteps of NPM and PyPI. To that end, owners of gems with over 180 million total downloads are mandated to turn on MFA effective August 15, 2022. "Users in this category who do not

The Hacker News
Open in Source
#web#ddos#nodejs#auth#ruby#The Hacker News
CVE-2020-23622: CVE-2020-12695: CallStranger Vulnerability in Universal Plug and Play (UPnP) Puts Billions of Devices At Risk

** UNSUPPORTED WHEN ASSIGNED ** An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause a denial of service via an unchecked CALLBACK parameter in the request header.

Credential Theft Is (Still) A Top Attack Method

Credential theft is clearly still a problem. Even after years of warnings, changing password requirements, and multiple forms of authentication, password stealing remains a top attack method used by cyber criminals. The latest report from the Ponemon Institute shares that 54% of security incidents were caused by credential theft, followed by ransomware and DDoS attacks. 59% of organizations

Black Hat and DEF CON Roundup

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.

Killnet Claim They’ve Stolen Employee Data from Lockheed Martin

By Waqas The pro-Russia Killnet hacker group claims that the stolen information includes PII data such as email addresses and… This is a post from HackRead.com Read the original post: Killnet Claim They’ve Stolen Employee Data from Lockheed Martin

Ways That VoIP Technology Is Impacting Marketplaces and How to Adapt

By Owais Sultan VoIP stands for Voice Over Internet Protocol. It allows users to communicate wirelessly and with high-quality sound. This has… This is a post from HackRead.com Read the original post: Ways That VoIP Technology Is Impacting Marketplaces and How to Adapt

Crucial Cybersecurity Software Features (2022)

By Owais Sultan Cyberattacks aim to breach device, program, and system defenses to access critical company or individual data. If a… This is a post from HackRead.com Read the original post: Crucial Cybersecurity Software Features (2022)

New Hacker Forum Takes Pro-Ukraine Stance

A uniquely politically motivated site called DUMPS focuses solely on threat activity directed against Russia and Belarus

The Business of Hackers-for-Hire Threat Actors

Today's web has made hackers' tasks remarkably easy. For the most part, hackers don't even have to hide in the dark recesses of the web to take advantage of people any longer; they can be found right in plain sight on social media sites or forums, professionally advertised with their websites, and may even approach you anonymously through such channels as Twitter. Cybercrime has entered a new

Russia-Ukraine Conflict Holds Cyberwar Lessons

Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss.