Several Cisco Products Exposed to DoS Attacks Due to Snort Vulnerability

Cisco informed customers on Wednesday that several of its products are exposed to denial-of-service (DoS) attacks due to a vulnerability in the Snort detection engine. read more SecurityWeek RSS Feed

Preventing CSRF Attacks

Cross-site request forgery (CSRF, sometimes pronounced ???sea surf??? and not to be confused with cross-site scripting) is a simple yet invasive malicious exploit of a website. It involves a cyberattacker adding a button or link to a suspicious website that makes a request to another site you???re authenticated on. For example, a user is logged […]

Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%

Group-IB published a report titled “Ransomware Uncovered 2020-2021”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021”. The research dives deep into the global ransomware outbreak in 2020 and analyzes major players’ TTPs (tactics, techniques, and procedures). By […]

Supply Chain Attacks and Nation State Pwnage: A Primer

Last Sunday night, while I was lounging on the couch watching some British Bake Off, I got word of the Solar Winds supply chain hack. After kicking back the last of my whiskey, I immediately got on the phone to start IR at work, cuz, yep, we have Solar Winds too. Who’da thunk it? Anyway, […]

Supermicro, Pulse Secure release fixes for ‘TrickBoot’ attacks

Supermicro and Pulse Secure have released advisories warning that some of their motherboards are vulnerable to the TrickBot malware’s UEFI firmware-infecting module, known as TrickBoot. […] BleepingComputer

Next Page »