WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies
A recently discovered security vulnerability dubbed "BreakingWAF" in the configuration of web application firewall (WAF) services has left numerous Fortune 1000 companies vulnerable to cyberattacks, according to Zafran, a leading cybersecurity research team.
The...
U.S. Officials Warn Americans to Use Only Encrypted Messaging Apps
In the wake of an unparalleled cyberattack targeting major U.S. telecommunications providers, including AT&T, Verizon, and Lumen Technologies, federal officials have urged Americans to protect their communications by using encrypted messaging apps.
Microsoft has dubbed...
New Prompt Injection LLMail-Inject Attack Let Users Compromise Via Email
Microsoft has announced LLMail-Inject, a cutting-edge challenge designed to test and improve defenses against prompt injection attacks in LLM-integrated email systems.
This innovative competition, set to begin on December 9, 2024, invites cybersecurity experts and...
Weekly Cybersecurity Bulletin: Data Leaks, Vulnerabilities & Cybersecurity News
Welcome to this week’s Cybersecurity Newsletter, where we explore the most recent developments and essential updates in the world of cybersecurity.
Your role in this rapidly evolving digital landscape is crucial, and we're here to...
Romania’s Leading Energy Provider Electrica Group Hit by Ransomware Attack
Electrica Group, one of Romania's most prominent energy service providers, has confirmed it is grappling with a ransomware attack. The cyber incident has prompted the company to activate its emergency response protocols and collaborate...
Let’s Encrypt to End Support for Online Certificate Status Protocol (OCSP)
Let’s Encrypt, a leading provider of free SSL/TLS certificates, has officially announced its timeline for discontinuing support for the Online Certificate Status Protocol (OCSP) in favor of Certificate Revocation Lists (CRLs).
This decision, driven by...
Chrome Security Update, Patch for 3 High-severity Vulnerabilities
Google has released a critical security update for its Chrome browser, addressing three high-severity vulnerabilities that could potentially expose users to significant risks.
The latest update, version 131.0.6778.139/.140 for Windows and Mac and 131.0.6778.139 for...
14 North Korean IT Workers Charged, US to Offer $5 Million Rewards for Info
A federal court in St. Louis, Missouri, has indicted 14 North Korean nationals in a sophisticated scheme involving IT workers who allegedly defrauded US companies and funneled millions of dollars to North Korea's weapons...
Citrix NetScaler Devices Under Attack, Brute-force Attacks Exploiting Zero-days
A significant surge in brute-force attacks has been observed targeting Citrix NetScaler devices across multiple organizations.
The attacks, primarily originating from a Hong Kong-based cloud provider, are exploiting misconfigured and outdated systems, coinciding with recent critical vulnerability disclosures...
CISA Warns of Cleo 0-Day Vulnerability Exploited by Ransomware Gangs
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability in Cleo's file transfer software being actively exploited by ransomware gangs.
The vulnerability, initially identified as CVE-2024-50623, affects Cleo...