May 5, 2022 – TheCyberThrone

Critical bug in BIG-IP F5 Patched

F5 has disclosed a critical vulnerability in its BIG-IP product.The flaw is in the iControl REST component of BIG-IP. This vulnerability may allow an unauthenticated attacker with network access to…

PravinKarthik May 5, 2022

Security

Docker Honeypots Under Rampant Attacks

Researchers flagged a pair of cyber campaigns that showcase the increasing risk in Docker engines including a compromise aimed at launching DoS attacks on Russian targets. Researchers at Uptycs noticed…

PravinKarthik May 5, 2022

CISCO Patches VM Escape bug in its NFV Software

Administrators need to patch their Cisco Enterprise Network Function Virtualisation Infrastructure Software (NFVIS) to address several critical flaws, tracked as CVE-2022-20777 rated as 9.9 out of 10 CVSS. Attackers could…

PravinKarthik May 5, 2022

Curious Gorge too Curious on Russia

Google Threat Analysis Group has reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge, is targeting Russian government agencies.…

PravinKarthik May 5, 2022

Path Traversal flaw in OWASP ESPI

The Open Web Application Security Project (OWASP) has fixed a critical vulnerability in its Enterprise Security API (ESAPI) whose exploitation could have allowed threat actors to run path traversal attacks.…

PravinKarthik May 5, 2022