ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk

/in

ALBeast is a critical vulnerability that allows attackers to bypass authentication and authorization in AWS ALB-based applications. Learn…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details

/in

In what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses.
Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from

The Hacker News – ​Read More

McAfee unleashes AI deepfake audio detector – but how reliable can it be?

/in

Altered audio can signal a scam, and Deepfake Detector promises to find them. Here are the PCs it works on and what it will cost you.

Latest stories for ZDNET in Security – ​Read More

Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC Published

/in

CVE-2024-7272 is a critical heap overflow vulnerability found in FFmpeg, the popular multimedia framework. The vulnerability affects versions up to 5.1.5 and has a CVSS score of 8.8.

Cyware News – Latest Cyber News – ​Read More

Google Cloud Unveils New Security Services and Capabilities 

/in

Several security-related enhancements have been announced at the 2024 Google Cloud Security Summit.

The post Google Cloud Unveils New Security Services and Capabilities  appeared first on SecurityWeek.

SecurityWeek – ​Read More

TLS Bootstrap Attack on Azure Kubernetes Services can Leak Sensitive Credentials

/in

A new threat known as “WireServing” has been identified in Azure Kubernetes Services (AKS) by Mandiant. This vulnerability could have allowed attackers to escalate privileges and access sensitive credentials within compromised clusters.

Cyware News – Latest Cyber News – ​Read More

Azure Kubernetes Services Vulnerability Exposed Sensitive Information

/in

A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.

The post Azure Kubernetes Services Vulnerability Exposed Sensitive Information appeared first on SecurityWeek.

SecurityWeek – ​Read More

RCE Vulnerability in Atlassian Bamboo Data Center and Server

/in

This flaw, present in versions 9.1.0 through 9.6.0, allows authenticated attackers to execute arbitrary code within the Bamboo environment, posing risks to confidentiality, integrity, and availability.

Cyware News – Latest Cyber News – ​Read More

The 6 Best Malware Removal Software Providers for 2024

/in

Compare the top six malware removal software for 2024. Bitdefender leads, with Norton and Malwarebytes as strong contenders.

Security | TechRepublic – ​Read More

New Msupedge Backdoor Targeting Taiwan Employs Stealthy Communications

/in

Hackers have been using a PHP vulnerability to deploy a stealthy backdoor called Msupedge. This backdoor was recently used in a cyberattack against an unnamed university in Taiwan.

Cyware News – Latest Cyber News – ​Read More