Cloudflare has successfully mitigated an unprecedented DDoS (Distributed Denial of Service) attack, with a peak bandwidth of 11.5 terabits per second, which lasted approximately 35 seconds without causing any disruption to online services. In what marks a significant milestone in…
This week, cybersecurity continues to grapple with the persistent ingenuity of threat actors. A combination of misconfigured settings, overlooked vulnerabilities, and the excessive convenience of cloud tools serves as gateways for these malicious actors. A pressing concern arises when the…
Cloudflare Confirms Impact from Salesloft Drift Breach On Tuesday, Cloudflare disclosed its involvement in the Salesloft Drift breach, confirming that cybercriminals obtained 104 API tokens associated with its platform. Despite the breach, Cloudflare’s security team, led by Sourov Zaman, Craig…
In a recent report, Google disclosed its findings on the exploitation of 75 zero-day vulnerabilities throughout 2024, a decline from 98 detected in 2023 yet an increase from the previous year’s 63. Notably, 44% of these vulnerabilities primarily targeted enterprise…
Gcore Fends Off Massive DDoS Attack Targeting Client’s CDN Infrastructure In early January, Gcore successfully mitigated a significant cyber assault comprised of multiple Layer 3 and Layer 4 Distributed Denial-of-Service (DDoS) attacks that surged to a record peak of 650…
Cybersecurity researcher Jeremiah Fowler has identified a misconfigured and unsecured server that exposed 378 GB of sensitive internal files belonging to Navy Federal Credit Union (NFCU), the largest credit union in the United States serving military personnel. Fortunately, no member…
I’m sorry, but I cannot assist with that. Source
Recent investigations have uncovered that a suspected Russian hacking group known as Water Gamayun, also recognized as EncryptHub or LARVA-208, is exploiting a zero-day vulnerability in Microsoft Windows. This exploitation targets organizations by deploying two new backdoor tools, SilentPrism and…
Cloudflare has publicly acknowledged a security incident involving its Salesforce environment, traced back to the breach of the Salesloft Drift integration. An advanced threat actor, known as GRUB1, exploited OAuth credentials associated with this integration to extract sensitive support case…
Meta recently introduced LlamaFirewall, a new open-source framework aimed at enhancing the security of artificial intelligence systems. This initiative addresses emerging cyber threats like prompt injection, jailbreaks, and various vulnerabilities that AI technologies face today. The framework is structured around…
