Cloudflare DDoS protections ironically bypassed using Cloudflare
An attacker can setup a custom domain with Cloudflare and point the DNS A record to victims IP address
Read More...
Cisco announced a critical Web UI RCE flaw in multiple IP phones
The RCE flaw (CVE-2023-20078) allows attackers to inject arbitrary commands that will be executed with root privileges following successful exploitation
Read More...
New DDoS-as-a-Service platform used in recent attacks on hospitals
"Passion" offers the option of ten attack vectors, allowing subscribers to customize their attack as needed and even combine vectors to bypass mitigations implemented by the target
Read More...
Cisco discloses high-severity IP phone bug with exploit code
Cisco has disclosed today a high-severity vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks
Read More...
FBI warns of residential proxies used in credential stuffing attacks
Typically, these proxies are made available to cybercriminals by hacking legitimate residential devices such as modems or other IoTs or through malware that converts a home user's computer into a proxy without their knowledge.
Read More...
CISA adds 7 vulnerabilities to list of bugs exploited by hackers
The 'Known Exploited Vulnerabilities Catalog' is a list of vulnerabilities shared by CISA that are known to be actively exploited in cyberattacks and must be patched by the Federal Civilian Executive Branch (FCEB) agencies.
Read More...
Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks
Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products.
Read More...