Critical bug in BIG-IP F5 Patched
F5 has disclosed a critical vulnerability in its BIG-IP product.The flaw is in the iControl REST component of BIG-IP. This vulnerability may allow an unauthenticated attacker with network access to…
Docker Honeypots Under Rampant Attacks
Researchers flagged a pair of cyber campaigns that showcase the increasing risk in Docker engines including a compromise aimed at launching DoS attacks on Russian targets. Researchers at Uptycs noticed…
CISCO Patches VM Escape bug in its NFV Software
Administrators need to patch their Cisco Enterprise Network Function Virtualisation Infrastructure Software (NFVIS) to address several critical flaws, tracked as CVE-2022-20777 rated as 9.9 out of 10 CVSS. Attackers could…
Curious Gorge too Curious on Russia
Google Threat Analysis Group has reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge, is targeting Russian government agencies.…
Posted inSecurity
Path Traversal flaw in OWASP ESPI
The Open Web Application Security Project (OWASP) has fixed a critical vulnerability in its Enterprise Security API (ESAPI) whose exploitation could have allowed threat actors to run path traversal attacks.…