CVE-2026-33378

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks

As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore's broad, internationally distributed network of scrubbing centers allows them to follow attack trends over time. Read on to...

Surviving the 800 Gbps Storm: Gain Insights from Gcore's 2023 DDoS Attack Statistics

Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks...

Surviving the 800 Gbps Storm: Gain Insights from Gcore's 2023 DDoS Attack Statistics

Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks...

The Global DDoS Threat Landscape – October 2022

Every month in this space, we will post the Global DDoS Threat Landscape blog on behalf of the Imperva Threat Research team. As DDoS attacks continue to pose a significant risk to businesses it is critical that we regularly communicate our Threat Research team’s findings to help the cybersecurity...

Today’s Data Breach Environment: An Overview

By now, companies and consumers alike are well aware of the threat of a data breach. Large and small businesses across every sector have been targeted, and many customers are now familiar with the notification that their username, password or other details might have been compromised. The...

ThreatList: Fewer Big DDoS Attacks in Q3, Overall Rate Holds Steady

When it comes to distributed denial of service DDoS attacks, the third quarter of 2018 marked an apparent lull in the action, with fewer huge, multi-day attacks than in previous quarters. Researchers however warn against having a false sense of security: The total number of attacks in the quarter...

Password-Guessing Was Used to Hack Gentoo Linux Github Account

Maintainers of the Gentoo Linux distribution have now revealed the impact and "root cause" of the attack that saw unknown hackers taking control of its GitHub account last week and modifying the content of its repositories and pages. The hackers not only managed to change the content in compromis...

Wavecrack - Web Interface For Password Cracking With Hashcat

A user-friendly Web interface to share an hashcat cracking box among multiple users with some pre-defined options. Screenshots The homepage Adding an hash to crack Seeing the results and some stats Outline This Web application can be used to launch asynchronous password cracks with hashcat. The...

Logpoint < 5.6.4 - Root Remote Code Execution

Exploit Title: Unauthenticated remote root code execution on logpoint 5.6.4 Date: 11/06/17 Exploit Author: agix Vendor Homepage: https://www.logpoint.com Version: logpoint 5.6.4 Tested on: 5.6.2 Vendor contact 19/04 Exploit details sent to the vendor 24/04 Patch in test mode 05/05 Patch release t...

US Top Source of Web Application Attacks

The United States is no longer the most obese country in the world thanks to Mexico, but it still ranks No. 1 as the preeminent global source of Web-based attacks, according to the Imperva Web Application Attack Report. The report also notes that attackers are targeting retail-related application...