Recent Security News

  • Chrome 118 Patches 20 Vulnerabilities

    October 11, 2023 at 08:24AM Google has released Chrome 118 with fixes for 20 vulnerabilities, including a critical bug in Site Isolation that could allow sites to steal data. Google has yet to determine the bug bounty reward for this vulnerability. The release also addresses eight medium-severity flaws and five low-severity vulnerabilities. The latest version…

    Read More

  • Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks

    October 11, 2023 at 08:24AM Tech companies including Cloudflare, AWS, and Google have responded to the HTTP/2 zero-day vulnerability that led to massive distributed denial-of-service attacks. The attacks exploited the HTTP/2 Rapid Reset feature, resulting in servers being taken down. Organizations like CISA, Microsoft, NGINX, F5, Netty, Apache, Swift, and Linux distributions have issued advisories…

    Read More

  • Applying AI to API Security

    October 11, 2023 at 08:24AM AI can add value to API security in several ways. Firstly, it can be used for API discovery, studying request and response data to uncover unknown API endpoints. Secondly, AI can enforce schemas and improve access control by observing and mitigating deviations from learned schemas. Thirdly, AI can identify and…

    Read More

  • CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability 

    October 11, 2023 at 06:42AM The US Cybersecurity and Infrastructure Security Agency (CISA) has added five security vulnerabilities to its Known Exploited Vulnerabilities catalog. These include an Adobe Acrobat and Reader flaw that can be exploited for remote code execution, an out-of-bounds write flaw in Cisco IOS and IOS XE, two zero-days impacting Skype for…

    Read More

  • ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws

    October 11, 2023 at 06:42AM Siemens and Schneider Electric have released their Patch Tuesday advisories for October 2023, addressing over 40 vulnerabilities in their products. Siemens has published a dozen advisories, including vulnerabilities in the Ruggedcom APE1808 platform and Nozomi Networks’ Guardian product. Nozomi has already patched these vulnerabilities. Schneider Electric has released advisories for…

    Read More