Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2 | MSRC Blog

Microsoft Response to Distributed Denial of Service (DDoS) Attacks against HTTP/2 | MSRC Blog Beginning in September 2023, Microsoft was notified by industry partners about a newly identified Distributed Denial-of-Service (DDoS) attack technique being used in the wild targeting HTTP/2 protocol. This vulnerability (CVE-2023-44487) impacts any internet exposed HTTP/2 endpoints. Read more…

CloudTrail

How to Identify and Combat It

How to Identify and Combat It Oct 25, 2023The Hacker NewsRansomware/ Malware Threat In today’s digital landscape, around 60% of corporate data now resides in the cloud, with Amazon S3 standing as the backbone of data storage for many major corporations. Despite S3 being a secure service from a reputable Read more…

OAuth Flaws

Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms

Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms Oct 25, 2023Newsroom Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio, and Bukalapak, building upon previous shortcomings uncovered in Booking[.]com and Expo. The weaknesses, now addressed by the Read more…

Vulnerability

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data Oct 26, 2023NewsroomVulnerability / Network Security Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, Read more…