IBM file transfer service under active exploit, security researchers warn

Ransomware groups are still exploiting a vulnerability in unpatched versions of Aspera Faspex almost four months after IBM issued a patch.

By Matt Kapko • March 31, 2023

Outlook zero-day still vulnerable to attackers with prior access, researchers find

Days after Microsoft issued a patch, researchers demonstrated that threat actors could still bypass the mitigation steps from within a network.

By David Jones • March 20, 2023

Zero-days fell by one-third in 2022, Mandiant says

Zero-day vulnerabilities in security, IT and network management products, which are consistently connected to the internet, claimed nearly 1 in 5 exploits.

By Matt Kapko • March 20, 2023

Outlook zero day linked to critical infrastructure attacks

State-linked actors have targeted oil and gas, transportation and defense industries in Europe.

By David Jones • March 16, 2023

CISA launches ransomware warning pilot for critical infrastructure providers

The agency already warned dozens of organizations about ProxyNotShell.

By David Jones • March 14, 2023

GitHub to begin rollout of 2FA security upgrade for developers

The enhancement is part of a wider series of security measures following a series of malicious cyberattacks.

By David Jones • March 9, 2023

Cloud skills gap raises cyber concerns for banks

As financial sector companies push forward with modernization, difficulty sourcing talent looms as a potential security risk.

By Matt Ashare • March 7, 2023

Organizations tempt risk as they deploy code more frequently

An imbalance between developers and security professionals on staff spotlights a disconnect between these business functions and objectives.

By Matt Kapko • March 7, 2023

Who is liable for flawed software? New guidance upends the security standard

Development practices and safe harbor provisions are the subject of major debate as work to implement the White Houses’ cyber strategy begins.

By David Jones • March 6, 2023

An ongoing SOC skills shortage could spell trouble for compliance

Without skilled analysts to monitor the SOC, the risk of a successful cyberattack breaking through a company’s defenses grows. 

By Sue Poremba • March 1, 2023

LastPass compromise grew worse after DevOps engineer targeted for encryption key

A threat actor used data from multiple breaches and a vulnerability on a high-level employee’s home computer to steal customer passwords.

By Matt Kapko • Feb. 28, 2023

Google backs federal push for tech to embrace ‘secure by design’

CISA has urged the technology industry to develop more resilient products before they reach customers.

By David Jones • Feb. 15, 2023

What’s known about the ESXiArgs ransomware hitting VMware servers

An initial strain affected thousands of devices before a new variant emerged. The latest burst of attacks hit Saturday.

By Matt Kapko • Feb. 15, 2023

VMware ransomware was on the rise leading up to ESXiArgs spree, research finds

Recorded Future analysis underscores a growing ransomware threat confronting organizations using VMware ESXi.

By Matt Kapko • Feb. 13, 2023

VMware ransomware evolves to evade data recovery, reinfects servers

The new ESXiArgs strain has reinfected more than 1,150 VMware servers and represents more than 4 in 5 live infections, according to open-source ransomware data.

By Matt Kapko • Feb. 10, 2023

Unsophisticated ransomware campaign targeting VMware ripe for copycats

Ransomware doesn’t typically hit thousands of potential victims at once. “All of it’s very strange,” one security researcher said.

By Matt Kapko • Feb. 8, 2023

Sports betting apps fumble open source, placing users at risk

On the cusp of Super Bowl 57, researchers from Synopsys warned popular mobile betting apps face a higher than average risk of being hacked.

By David Jones • Feb. 7, 2023

Ransomware attack spree hits thousands of VMware servers

Cyber authorities linked the attacks, dubbed ESXiArgs, to a two-year-old VMware vulnerability. At least 2,250 machines have been compromised.

By Matt Kapko • Feb. 6, 2023

CVEs expected to rise in 2023, as organizations still struggle to patch

Most CVEs are exploited within 30 days of public disclosure, a Coalition report found, spelling trouble for organizations trying to shore up their defenses.

By David Jones • Feb. 3, 2023

Industrial organizations may worry too much about ICS vulnerabilities

The pressure to constantly patch is more likely to damage industrial plants, Dragos CEO Robert M. Lee said.

By Matt Kapko • Jan. 27, 2023

Exchange Server under pressure as opportunistic actors step up attacks

Bitdefender Labs warns threat actors are using the ProxyNotShell/OWASSRF exploit chains to launch attacks.

By David Jones • Jan. 25, 2023

Almost half of critical manufacturing organizations face significant risk of data breach

A report presented at the World Economic Forum shows key sectors are under pressure from rising vulnerabilities and a slower rate of patching.

By David Jones • Jan. 23, 2023

Four Microsoft Azure services found vulnerable to server-side request forgery

Researchers from Orca Security said no authentication was required in two of the four instances.

By David Jones • Jan. 17, 2023

Citrix flaw exploited in ransomware attack against small US business

Threat actors linked to ransomware group Royal are actively exploiting a vulnerability in two Citrix products, researchers found.

By David Jones • Jan. 13, 2023

Open-source repository risk amplified on GitHub

Inconsistent or delayed code commits create risk as repositories age, Veracode research found.

By Matt Kapko • Jan. 12, 2023