attackers
-
Blog
Cisco confirms attackers stole data, shuts down access to compromised DevHub environment
Cisco has closed public access to one of its third-party developer environments after threat actors successfully stole data from a public-facing DevHub environment. On 14 October, the prominent threat actor IntelBroker posted on BreachForums that they compromised data including source code, hard-coded credentials, certificates, API tokens, private and public keys, AWS private buckets, Docker builds, and Azure storage buckets as…
Read More » -
Blog
Critical SAP flaw allows remote attackers to bypass authentication
SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system. The flaw, tracked as CVE-2024-41730 and rated 9.8 as per the CVSS v3.1 system, is a “missing authentication check” bug impacting SAP BusinessObjects Business Intelligence Platform versions 430 and 440 and is…
Read More »