Adobe ColdFusion Flaw Let Attackers Gain Access to Sensitive Files – PoC Released
Adobe has addressed a critical vulnerability in its ColdFusion software, which could have allowed attackers to read files arbitrarily from the system.
The flaw, identified as CVE-2024-20767, has been patched, but the details surrounding...
Microsoft Notifies DevOps Teams That Major Domain Change Is Coming
Microsoft is unifying its cloud domain for Microsoft 365 services under "cloud.microsoft" to streamline the user experience and administration, which aims to reduce domain fragmentation for authenticated user-facing apps and services.
The consolidation will enhance...
UK’s NCSC Releases SCADA Security Guidance to the Cloud
The National Cyber Security Centre (NCSC) of the United Kingdom has recently published a comprehensive set of guidelines designed to assist organizations in securely transitioning their Supervisory Control and Data Acquisition (SCADA) systems to...
UNC1549 Hackers Abuse Microsoft Azure Cloud To Attack Defense Sectors
A new threat activity has been discovered that relates to the Iran-Nexus espionage activity that targets Aerospace, Aviation, and defense industries in multiple countries, including Israel, UAE, Turkey, India, and Albania.
This threat activity...
Five Eyes Agencies Exposes Russian APT29 Cloud Attack Tactis
In a groundbreaking advisory, cybersecurity agencies from the Five Eyes intelligence alliance have detailed the sophisticated tactics, techniques, and procedures (TTPs) employed by APT29, a notorious cyber espionage group linked to Russia's SVR intelligence...
Hackers Heavily Abusing Google Cloud Run to Deliver Banking Malware
Large-scale malware distribution campaigns are abusing Google Cloud Run to transmit banking trojans, including Astaroth (also known as Guildma), Mekotio, and Ousaban, to European and Latin American targets.
With Cloud Run, you can promptly execute...
ChatGPT-Powered Malware Attacking Cloud Platforms to Steal Login Credentials
Threat actors can potentially exploit ChatGPT to generate convincing phishing emails or deceptive content encouraging users to download malware.
They may also use the model to obfuscate malicious code or to assist in social engineering...
Palo Alto Networks to Acquire Cloud Security Start-up Dig
One of the top companies in the cybersecurity industry, Palo Alto Networks, has recently finalized the acquisition of Dig Security, an up-and-coming startup that specializes in providing advanced security solutions for cloud-based systems.
Palo Alto...
Cloudflare Observed The Peak DDOS Attack of 201 Million HTTP Requests Per Second
DDoS (Distributed Denial of Service) attacks are extremely destructive and alarming since they flood a target's web services with overwhelming traffic.
This can disrupt or even completely disable:-
Websites
Servers
Networks
This can cause significant financial losses, damage to...
Top 10 Best SaaS Security Tools – 2024
Introduction :
Security management across multiple Software-as-a-Service (SaaS) clouds can present challenges, primarily stemming from the heightened prevalence of malware and ransomware attacks.
In the present landscape, organizations encounter many challenges with Software-as-a-Service (SaaS).
One of...