News & Updates

CVE-2023-29552: Abusing the SLP Protocol to Launch Massive DDoS Amplification Attacks

/

On April 25, 2023, researchers at Bitsight and Curesec jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP), a legacy Internet protocol. What is SLP protocol? Service Location Protocol (SLP) is a network protocol designed to simplify the process of discovering and accessing network services. Developed by the […]

The post CVE-2023-29552: Abusing the SLP Protocol to Launch Massive DDoS Amplification Attacks appeared first on Blog.

News & Updates

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

/
Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services.
This includes two server-side request forgery (SSRF) flaws and one instance of unrestricted file upload functionality in the API Management developer portal, according to Israeli cloud security firm Ermetic.
News & Updates

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

/
Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections.
Tracked as CVE-2023-27350 (CVSS score: 9.8), the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges.
While the flaw was patched by the
News & Updates

Why the Things You Don’t Know about the Dark Web May Be Your Biggest Cybersecurity Threat

/
IT and cybersecurity teams are so inundated with security notifications and alerts within their own systems, it’s difficult to monitor external malicious environments – which only makes them that much more threatening. 
In March, a high-profile data breach hit national headlines when personally identifiable information connected to hundreds of lawmakers and staff was leaked on the dark web. The
News & Updates

Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia

/
Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks.
“Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links, downloading malware or sharing personal information across the internet,” Guy Rosen, chief information
News & Updates

Meta Warns of Malware Wave Using ChatGPT’s Image and Name

/
Meta’s security researchers have identified a wave of malware using the name,
design and even some of the functionality of ChatGPT to trick people into
downloading and installing malicious software.

It’s no secret that malicious campaigns follow popular or well-known societal
events, and it’s difficult to find something more popular than ChatGPT. This
technology took the world by storm, and criminals immediately saw a new way of
tricking people.

Using the ChatGPT image, name and other attribut

Exit mobile version