FortiADC – WAF XSS Injection Bypass
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. This may allow…
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to…
Financial service providers, such as banks and credit card companies, use a vast amount of APIs, which makes them an attractive target for threat actors. That’s why API security is…
Microsoft has fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB. Microsoft says that the missing authentication checks issue was introduced in August. Researchers from Orca reported…
Numerous news sites across the US are serving up malware, according to Proofpoint Threat Research. The issue appears to be a supply chain attack: the attackers targeted a content and…
Mondelez International has settled a lawsuit it brought against the Zurich American Insurance Company for the insurer’s refusal to pay a $100 million claim over a cyberattack. Mondelez International’s IT…
A new Magniber campaign was found delivering fake Windows 10 and antivirus software updates to target home users, while staying undetected. Post-encryption the attackers demand a ransom of up to…
A ransomware gang says it published information including medical test results and identity cards stolen from a Barcelona hospital system that serves more than 1 million patients each year. More…
Former Uber Chief Security Officer (CSO) Joe Sullivan has been convicted on charges of obstructing justice and actively hiding a felony. While the Federal Trade Commission was investigating an earlier…
Researchers from Kaspersky recently looked into less-commonly used vectors of infection in malware campaigns. The methods include infection through malicious torrents (CLoader), infections through a fake TOR browser (OnionPoison), and…