Breaking News

•••  All important news related to new attacks and see the solutions we can offer you  •••


SecOps Teams Wrestle with Manual Processes, HR Gaps

Lees de originele artikel hier
Cyber Defense

Only about half of enterprises are satisfied with their ability to detect cybersecurity threats, according to a survey from Forrester Consulting – with respondents painting a picture of major resource and technology gaps hamstringing their efforts to block cyberattacks.

Find out how C2C Professional Services can help you

Mozi: An IOT attack botnet

Cyber Defense

X-Force researchers Dave McMillen, Wi Gao, and Charles DeBeck have published their work on the Mozi botnet and how it has spiked lately in attacks on IoT devices.
First discovered in late 2019, Mozi shares code with Mirai and its variants and accounted for nearly 90% of the observed IoT network traffic from October 2019 through June 2020.

Contact us for a test with Cymulate Breach and Attack Simulation

Drupal addressed XSS and information disclosure flaws

Lees de originele artikel hier
Software Security

Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) vulnerabilities in the popular content management system (CMS).

The most severe issue, tracked as CVE-2020-13668, is a critical reflected XSS issue affecting Drupal 8 and 9. Let’s remind that Drupal uses the NIST Common Misuse Scoring System to determine the severity of the vulnerabilities, in this system critical comess after highest level that is “highly critical”.

“An attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability.”

Test your CMS with our Nextgen DAST to discover if your website is vulnerable
Load more