Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities –
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors
Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds.
The web infrastructure and security company said it fended off “over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (
The web infrastructure and security company said it fended off “over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (
Russia Arrests 96 People Tied to US-Disrupted Cryptocurrency Exchanges
Russian authorities have arrested 96 individuals suspected of having ties to US-disrupted UAPS and Cryptex cryptocurrency exchanges.
The post Russia Arrests 96 People Tied to US-Disrupted Cryptocurrency Exchanges appeared first on SecurityWeek.
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions.
The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2.
It was
The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and including 6.5.0.2.
It was
Apple iOS 18.0.1 Patches Password Exposure and Audio Snippet Bugs
According to a barebones Apple advisory, the new iOS 18.0.1 fixes two bugs that expose passwords and audio snippets to malicious hackers.
The post Apple iOS 18.0.1 Patches Password Exposure and Audio Snippet Bugs appeared first on SecurityWeek.
Recently patched CUPS flaw can be used to amplify DDoS attacks
A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks with a 600x amplification factor. […]
‘Pig butchering’ trading apps found on Google Play, App Store
Fake trading apps on Google Play and Apple’s App Store lure victims into “pig butchering” scams that have a global reach. […]
Dutch Police: ‘State actor’ likely behind recent data breach
The national Dutch police (Politie) says that a state actor was likely behind the data breach it detected last week. […]
Microsoft and DOJ disrupt Russian FSB hackers’ attack infrastructure
Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target United States government employees and nonprofit organizations from Russia and worldwide in spear-phishing attacks. […]
Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group
The coordinated action resulted in the seizure of more than 100 domains used for spear-phishing targets in the US, UK, and Europe.
The post Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group appeared first on SecurityWeek.