#cloud-misconfiguration

[ follow ]
#data-breach #salesforce-security #threat-actor-activity #platform-ecosystem-vulnerabilities
Information security
fromSecuritymagazine
6 days ago

Why Are Platform Ecosystems - Like Salesforce - Often Targeted?

Salesforce warned users of increased threat actor activity exploiting misconfigured publicly accessible sites and permissive guest user settings to gain unauthorized data access for social engineering and vishing campaigns.
#data-breach
more#data-breach
fromThe Hacker News
4 months ago

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

The cybersecurity company said PHP servers have emerged as the most prominent targets of these attacks owing to the widespread use of content management systems like WordPress and Craft CMS. This, in turn, creates a large attack surface as many PHP deployments can suffer from misconfigurations, outdated plugins and themes, and insecure file storage. Some of the prominent weaknesses in PHP frameworks that have been exploited by threat actors are listed below - CVE-2017-9841 - A Remote code execution vulnerability in PHPUnit CVE-2021-3129 - A Remote code execution vulnerability in Laravel CVE-2022-47945 - A Remote code execution vulnerability in ThinkPHP Framework
Information security
Information security
fromThe Hacker News
6 months ago

Detecting Data Leaks Before Disaster

A misconfigured ClickHouse database at DeepSeek exposed over one million log entries, including chat histories and secret keys, demonstrating severe cloud data-leak risks.
[ Load more ]