Recent Security News
-
Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit
December 15, 2023 at 02:37AM The blog discusses CVE-2023-50164, a critical vulnerability in Apache Struts 2 that enables unauthorized path traversal and remote code execution. It advises users to upgrade to Struts 2.5.33, 6.3.0.2, or higher to mitigate the risk. The vulnerability is exploited by various threat actors and can be mitigated using security solutions…
-
New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
December 15, 2023 at 01:24AM A new threat named NKAbuse has emerged, using the decentralized NKN network for communication. The malware leverages NKN technology to conduct DDoS attacks and function as an implant in compromised Linux systems, with potential expansion into IoT devices. NKAbuse lacks self-propagation and integrates backdoor features, making it a serious security…
-
Kraft Heinz investigates hack claims, says systems ‘operating normally’
December 14, 2023 at 06:35PM Kraft Heinz confirmed their systems are normal with no evidence of a breach listed by an extortion group. Kraft Heinz, a leading food and beverage company, is being threatened by the Snatch extortion group, but no proof of breach was provided. The company is investigating claims but sees no evidence…
-
Modern Attack Surface Management (ASM) for SecOps
December 14, 2023 at 05:57PM The text discusses the challenges in securing today’s attack surface and the need for modern Attack Surface Management (ASM) solutions in SecOps. It emphasizes the importance of robust ASM solutions that provide rapid discovery, real-time risk assessment, proactive risk remediation, and an integrated platform approach. The Trend Vision One platform…