cybersecurity

The Forum of Incident Response and Security Teams (FIRST) has officially released version 4.0 of the Common Vulnerability Scoring System (CVSS). This new version comes four years after the release...

On Tuesday, November 14th, 2023, the United States (US) government initiated the IPStrom takedown, Russian mastermind pled guilty to being the brains behind the operation. The IPStrom malware network was...

In a recent wave of cyber disruptions, the elusive Anonymous hacker group Sudan, self-identified as Storm-1359, claimed responsibility for orchestrating a distributed denial-of-service (DDoS) attack that temporarily incapacitated Cloudflare’s website....

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a notable update incorporating a high-severity vulnerability in the Service Location Protocol (SLP) into its Known Exploited Vulnerabilities (KEV) catalog. This...

Attention Docker users: a new threat known as OracleIV is on the rise, targeting publicly accessible Docker Engine API instances. Researchers from Cado have uncovered a campaign where attackers exploit...

In a recent discovery, 48 malicious npm packages have been found lurking in the npm repository. These tricky packages have the power to deploy a reverse shell on compromised systems,...

CISA has put a spotlight on a high-severity Service Location Protocol (SLP) vulnerability. CISA has bumped it up to the Known Exploited Vulnerabilities catalog. Why the fuss? Well, there’s evidence...

Atlassian has issued a warning regarding a Confluence vulnerability that could expose your system to data destruction attacks. This vulnerability, identified as CVE-2023-22518, is an authentication bypass issue with a...

While checking my cybersecurity news feed a couple of days ago, an account (re-)publishing stories from years gone by was highlighting a late 2000 (actual year 2000, not the decade)...

In a surprising turn of events, the Mozi botnet experienced a sudden and significant drop in malicious activities in August 2023. This unexpected decline was attributed to the deployment of...

In recent news, F5 has issued a critical security alert regarding a significant BIG-IP vulnerability that poses a severe risk to their BIG-IP systems. This vulnerability, rated at 9.8 out...

In the realm of healthcare, the security and integrity of patient data are paramount. However, a recent discovery has shed light on a critical vulnerability within Mirth Connect, an open-source...