Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software
Cisco addressed three high-severity flaws in NX-OS and FXOS software that could cause denial-of-service (DoS) conditions. Cisco this week addressed…
Security
Cloud and hosting provider Leaseweb took down critical systems after a cyber attack
The cloud and hosting provider Leaseweb suffered a security breach that impacted some “critical” systems of the company. Global hosting…
2023 OWASP Top-10 Series: API5:2023 Broken Function Level Authorization
Welcome to the 6th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a…
French employment agency Pôle emploi data breach impacted 10M people
Pôle emploi, the French government employment agency suffered a data breach that impacted 10 million individuals. The French government employment…
Crypto investor data exposed by a SIM swapping attack against a Kroll employee
Security consulting giant Kroll disclosed a data breach resulting from a SIM-swapping attack against one of its employees. Security consulting…
Friday Squid Blogging: China’s Squid Fishing Ban Ineffective
China imposed a “pilot program banning fishing in parts of the south-west Atlantic Ocean from July to October, and parts…
API Abuse – Lessons from the Duolingo Data Scraping Attack
It’s been reported that 2.6 million user records sourced from the Duolingo app are for sale. The attacker apparently obtained…
Hacking Food Labeling Laws
This article talks about new Mexican laws about food labeling, and the lengths to which food manufacturers are going to…
Whiffy Recon malware triangulates the position of infected systems via Wi-Fi
Experts observed the SmokeLoader malware delivering a new Wi-Fi scanning malware strain dubbed Whiffy Recon. Secureworks Counter Threat Unit (CTU)…
FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective
The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are “ineffective” and patched appliances are still being…