Security News
Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. [...]
Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which...
Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic...
CLoudflare just blocked the current record DDoS attack: 3.8 terabits per second. (Lots of good information on the attack, and DDoS in general, at the link.) News article.
Cloudflare has revealed that it successfully mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. This attack was part of a larger wave of over one hundred hyper-volumetric Layer 3/4 DDoS attacks throughout the month. Many of these attacks exceeded 2 billion packets per second (Bpps) and 3 Tbps, showcasing the increasing scale and intensity of such threats. The attacks, which have been ongoing since early September 2024, primarily targeted customers in the financial services, Internet, and telecommunications industries.Cloudflare has not attributed these attacks to any specific threat actor. However, the scale of the attacks underlines the growing sophistication of cybercriminals, who continue to exploit vulnerabilities in global digital infrastructure. The company emphasized that these hyper-volumetric attacks focus on overwhelming network layers responsible for packet transmission and reception (L3/4).
A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions....
A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks...
Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target United States government employees and nonprofit organizations from Russia...
Approximately 5% of all Adobe Commerce and Magento online stores, or 4,275 in absolute numbers, have been hacked in "CosmicSting" attacks. [...]
Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband...