
Weekly Vulnerability Recap – October 2, 2023 – WS_FTP, Exim, Cisco and Other Exploited Vulnerabilities

eSecurity Planet

This shared certificate is then abused to bypass Cloudflare DDoS security and launch DDoS attacks against known server IP addresses. The problem: The key vulnerability, CVE-2023-40044, affects potentially thousands of WS_FTP servers worldwide with an RCE vulnerability in the Ad Hoc Transfer module. rating under CVSS v3.1


2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.


The Pain of Double Extortion Ransomware

Thales Cloud Protection & Licensing

divya, Thu, 02/16/2023 - 06:10

Ransomware perpetrators are adopting more sophisticated attack techniques with much success. The problem is that businesses are not yet aware of double or triple extortion ransomware and how these tactics can affect their data protection strategies.


Power Management Vulnerabilities Could Shut Down Data Centers: Researchers

eSecurity Planet

Trellix researchers are disclosing a number of critical data center power management platform vulnerabilities at DEFCON 2023 today. Here are the vulnerabilities they discovered, including their CVEs, CVSS scores, and a brief description of each: CyberPower DCIM: CVE-2023-3264: Use of Hard-coded Credentials (CVSS 6.7)


7 Best Penetration Testing Service Providers in 2023

eSecurity Planet

SecureWorks’ pentesting services are aimed at sophisticated enterprise security concerns such as mimicking adversaries, exposing the kill chain, ransomware attack simulation, IoT/OT, physical security and insider threats.


How Secure Is Cloud Storage? Features, Risks, & Protection

eSecurity Planet

CSPs’ Professional Security Expertise

CSPs’ professional security expertise substantially contributes to the security capabilities and improvement of the general resilience of cloud storage. They cited lower risk, enhanced security, and cost savings as they go through migration.


Vulnerability Recap 3/19/24 – Microsoft, Fortinet & More

eSecurity Planet

Frequent Ransomware Target QNAP Discloses 3 Vulnerabilities

Type of vulnerability: Improper authentication, injection vulnerability, SQL injection (SQLi). Ransomware gangs, notably Deadbolt, Checkmate, and Qlocker, actively targeted QNAP vulnerabilities in the past. The vulnerability, CVE-2023-48788, earns a critical CVSS score of 9.8