Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Security on a Shoestring? Cloud, Consolidation Best Bets for Businesses

With a recession potentially coming, some companies are cutting security teams. But moving more infrastructure to the cloud and reducing the number of vendors through consolidation may be the best ways to prepare.

DARKReading
Open in Source
#microsoft#cisco#intel#sap
Google WordPress Plug-in Bug Allows AWS Metadata Theft

A successful attacker could use the SSRF vulnerability to collect metadata from WordPress sites hosted on an AWS server, and potentially log in to a cloud instance to run commands.

'Sextortion,' Business Disruption, and a Massive Attack: What Could Be in Store for 2023

Our growing interconnectedness poses almost as many challenges as it does benefits.

Zerobot Adds Brute Force, DDoS to Its IoT Attack Arsenal

Threat actors continue to evolve the malicious botnet, which has also added a list of new vulnerabilities it can use to target devices.

The Era of Cyber Threat Intelligence Sharing

We spent forty years defending ourselves as individuals. Trying to outsmart cybercriminals, outpower them, and when all our efforts failed, only then we considered banding together with our peers to outnumber them. Cybercriminals don't reinvent themselves each time. Their resources are limited, and they have a limited budget. Therefore they use playbooks to attack many people. Meaning most of

CVE-2022-41697: TALOS-2022-1625 || Cisco Talos Intelligence Group

A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.

CVE-2022-41654: TALOS-2022-1624 || Cisco Talos Intelligence Group

An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities

The Zerobot DDoS botnet has received substantial updates that expand on its ability to target more internet-connected devices and scale its network. Microsoft Threat Intelligence Center (MSTIC) is tracking the ongoing threat under the moniker DEV-1061, its designation for unknown, emerging, or developing activity clusters. Zerobot, first documented by Fortinet FortiGuard Labs earlier this month,

Godfather Android banking malware is on the rise

Categories: Android Categories: News Tags: Android Tags: banking Trojan Tags: Godfather Tags: Anubis Tags: lay-over screen Tags: MYT Tags: Google Protect Researchers have uncovered a new campaign of the Godfather banking Trojan, that comes with some new tricks. (Read more...) The post Godfather Android banking malware is on the rise appeared first on Malwarebytes Labs.

Sharing Netflix, Disney+, other passwords is illegal, according to new guidance

Categories: News Tags: Netflix Tags: Disney+ Tags: Hulu Tags: HBO Max Tags: password sharing The UK government is flagging password sharing of streaming service credentials as piracy. (Read more...) The post Sharing Netflix, Disney+, other passwords is illegal, according to new guidance appeared first on Malwarebytes Labs.