security flaw Archives

NIST CSF vulnerabilities ransomware backlog

NIST Deprioritizes Pre-2018 CVEs as Backlog Struggles Continue

Jeffrey Burt | April 9, 2025 | app vulnerabilities, NIST, NIST CVE Backlog, security flaw

NIST, which for more than a year has been struggling to address a backlog of CVEs in its database following budget cuts, is now putting pre-2018 vulnerabilities on the back burner to ...

Security Boulevard

HTTP/2 Vulnerability: Protect Web Servers from DoS Attacks

Wajahat Raja | April 17, 2024 | CERT Coordination Center (CERT/CC), CVE (Common Vulnerabilities and Exposures), Cybersecurity, Cybersecurity News, Denial-of-Service (DoS), HTTP/2, Network Protocol, patch management, Performance Degradation, security flaw, Server Performance, Service Disruption, software update, vulnerability, Vulnerability Exploitation, Web security, Web Server Security

In the digital landscape, security is paramount, especially for web servers handling vast amounts of data. As per recent reports, a vulnerability has emerged within the HTTP/2 protocol, shedding light on potential ...

TuxCare

LayerSlider Plugin Flaw Exposes 1M Sites To SQL Injections

Wajahat Raja | April 15, 2024 | CVE-2024-2879, Cybersecurity, Cybersecurity News, Data breach, exploitation, LayerSlider Plugin, patch management, security flaw, sql injection, threat actors, vulnerability, vulnerability assessment, Website Protection, Website Security, wordpress security

Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQL attacks and infections. If exploited, the flaw allows users ...

TuxCare

Cisco Vulnerability Fix: Protection From High-Risk Threats

Wajahat Raja | January 26, 2024 | Cisco Security Update, Cisco Vulnerability, CVE-2024-20272, CVSS score, Cybersecurity News, cybersecurity threats, FTC Cybersecurity Regulations, Network Security, security flaw, software patching, Unity Connection

In recent developments, Cisco has taken swift action to address a critical security flaw impacting Unity Connection, a vulnerability marked as CVE-2024-20272, with a concerning CVSS score of 7.3. This flaw could ...

TuxCare

DarkCasino WinRAR Exploit: A New APT Threat Emerges

Wajahat Raja | November 30, 2023 | Advanced persistent threat, APT Threat, Cryptocurrency Users, CVE-2023-38831, CVSS score, Cybersecurity, Cybersecurity News, DarkCasino, DarkCasino Malicious Activity, DarkMe Trojan, EvilNum, NSFOCUS, Online Financial Services, phishing campaign, security flaw, WinRAR Exploit

In a recent cybersecurity revelation, a formidable and highly sophisticated cyber threat has surfaced, going by the name DarkCasino. Initially perceived as a phishing campaign orchestrated by the EvilNum group, recent analyses ...

TuxCare

Kinsing Actors Target Cloud Environments Exploiting Looney Tunables

Rohan Timalsina | November 14, 2023 | cloud environments, Cloud Threats, Cyber Threats, Cybersecurity Weaknesses, enterprise security, KernelCare Enterprise, Kinsing malware, Linux & Open Source News, linux exploits, linux live patching, Looney Tunables, security flaw

Recently, there has been a concerning development in the world of cloud security. A group of threat actors linked to Kinsing is actively targeting cloud environments. They are doing this by taking ...

TuxCare

Check Point Reveals Azure Cloud Security Flaw

Michael Vizard | January 30, 2020 | azure, Check Point, cloud breach, Cloud Security, cyberthreat, Public cloud, security flaw

Check Point Software Technologies revealed today its researchers were able to exploit a flaw to take over servers in the Microsoft Azure Cloud. The flaw in the Azure App Service used to ...

Security Boulevard

Update your iOS devices now against the FaceTime eavesdropping bug

Graham Cluley | February 8, 2019 | FaceTime bug, Industry News, ios, Mobile & Gadgets, security flaw, security vulnerability

Last week a bug became such big news that it broke out of the technology press, and into the mainstream media – generating headlines around the globe. The reason? A bizarre bug ...

HOTforSecurity

Angry ex-employee blamed for hack of WordPress plugin developer, and email to customers warning of security hole

Graham Cluley | January 21, 2019 | Industry News, security flaw, WordPress plugin

This weekend, users of the popular WordPress translation plugin WPML (also known as WordPress MultiLingual) received an email from a hacker claiming to expose serious security vulnerabilities in the software that allegedly ...

HOTforSecurity

detection, campaigns, threat, HEAT, managed detection and response, Apache ActiveMQ, vulnerability, Aqua Cham, threat, elGang APT Meltdown Spectre Threat Detection

Moving Beyond Meltdown and Spectre in Threat Detection

Varun Badhwar | April 6, 2018 | Cloud, security flaw, threats

When it comes to security flaws, Microsoft is in the bounty-hunting game. It will send a check of up to $250,000 to developers who can find a bugs similar to the Meltdown ...

Security Boulevard