Recent Security News
-
Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks
October 11, 2023 at 08:24AM Tech companies including Cloudflare, AWS, and Google have responded to the HTTP/2 zero-day vulnerability that led to massive distributed denial-of-service attacks. The attacks exploited the HTTP/2 Rapid Reset feature, resulting in servers being taken down. Organizations like CISA, Microsoft, NGINX, F5, Netty, Apache, Swift, and Linux distributions have issued advisories…
-
Applying AI to API Security
October 11, 2023 at 08:24AM AI can add value to API security in several ways. Firstly, it can be used for API discovery, studying request and response data to uncover unknown API endpoints. Secondly, AI can enforce schemas and improve access control by observing and mitigating deviations from learned schemas. Thirdly, AI can identify and…
-
CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability
October 11, 2023 at 06:42AM The US Cybersecurity and Infrastructure Security Agency (CISA) has added five security vulnerabilities to its Known Exploited Vulnerabilities catalog. These include an Adobe Acrobat and Reader flaw that can be exploited for remote code execution, an out-of-bounds write flaw in Cisco IOS and IOS XE, two zero-days impacting Skype for…