Vulnerability: Page 19
-
Motortion via Getty Images
Threat actors deploy new attack methods as Microsoft Follina vulnerability lingers
Researchers discover new vectors, including the use of remote access trojan AsyncRAT.
By David Jones • June 10, 2022 -
Yudram_TA via Getty Images
FBI, CISA issue warning on China-backed cyber threats against the telecom industry
State-sponsored actors are targeting small and home office networking equipment for access.
By David Jones • June 8, 2022 -
Sefa Ozel/Getty via Getty Images
Attackers aim for Atlassian Confluence zero day with mass, targeted exploitation
The threat activity comes days after Atlassian released a security fix for the on-premise vulnerability.
By David Jones • June 7, 2022 -
luza studios via Getty Images
Atlassian releases fix for critical zero day impacting Confluence
Attackers could take control of affected devices without need for authentication.
By David Jones • June 3, 2022 -
Yudram_TA via Getty Images
CISA issues warning after critical zero day hits Atlassian's Confluence
No patch or workaround is currently available and federal agencies are required to disconnect from the product.
By David Jones • June 3, 2022 -
Sean Gallup via Getty Images
Food supplier cyber risk spreads 1 year after JBS attack
Ransomware attacks target common vulnerabilities like legacy OT systems and equipment that lacks modern security tools.
By Matt Kapko • June 2, 2022 -
Chainarong Prasertthai via Getty Images
Microsoft zero day under attack as industry awaits patch
One threat actor has been exploiting the Follina vulnerability to deliver malware, Proofpoint researchers said Tuesday.
By David Jones • Updated June 8, 2022 -
Yuri Arcurs via Getty Images
Microsoft Office zero day leaves researchers scrambling over the holiday weekend
The company warns a successful attack could allow an attacker to install programs, delete data or create new accounts.
By David Jones • Updated May 31, 2022 -
gremlin via Getty Images
Persistent vulnerabilities put VMware on the defense
Recent flaws earned the company CISA's 10th emergency directive, the latest in a series of potential high-impact flaws for enterprise users.
By Matt Kapko • May 27, 2022 -
Chainarong Prasertthai via Getty Images
Feds release grim reminder: Threat actors prey on basic security mishaps
Federal authorities and U.S. allies admonished companies to tighten weak controls and configurations.
By David Jones • May 20, 2022 -
luza studios via Getty Images
Critical VMware vulnerabilities resurface after threat actors evade patches within 48 hours
Even with new patches available, CISA is concerned that threat actors will easily shake off the fixes once again.
By Matt Kapko • Updated June 2, 2022 -
Amy Sparwasser/ iStock via Getty Images
Tech giants pledge multimillion down payment to secure open source
Top technology companies offered $30 million toward a two-year goal to bolster software supply chain security.
By David Jones • May 13, 2022 -
anyaberkut via Getty Images
Critical CVEs put Aruba Networks, Avaya enterprise switches at risk
Researchers previously found similar vulnerabilities in Smart-UPS devices.
By David Jones • May 3, 2022 -
themotioncloud via Getty Images
Familiar names top 2021's most-exploited vulnerabilities list
Top ransomware operators, including Hive and Conti, are exploiting flawed systems to launch new attacks, researchers warn.
By David Jones • May 2, 2022 -
themotioncloud via Getty Images
IT leaders remain bullish on open source despite security hiccups
Enterprise adoption of open source has not cooled, but flaws have highlighted the need for a better understanding of dependencies.
By Brian Eastwood • April 25, 2022 -
Permission granted by Cybersource
Sponsored by Cybersource/VisaMerchants prioritize fraud prevention as fraud costs, impact to businesses rise
Merchants are grappling with which tools to use, which are most effective and how to balance rising fraud attacks on a limited budget without hampering CX.
April 25, 2022 -
metamorworks via Getty Images
AWS reissues Log4Shell hotpatch after vulnerabilities found
Researchers warn attackers can escape containers and escalate privileges.
By David Jones • April 22, 2022 -
DKosig via Getty Images
Threat detection accelerates in Asia, Europe, as notification trends shift
Median dwell time fell as organizations boosted cybersecurity defenses, shared threat intelligence.
By David Jones • April 19, 2022 -
Permission granted by Autodesk
Construction sector mulls cyber risk: hackers toying with materials
Structural integrity specs in automated systems could become a target. Here's how companies like Trimble, Procore and Autodesk are preparing.
By Sebastian Obando • March 31, 2022 -
iStock / Getty Images Plus via Getty Images
Big tech is fixing bugs faster. Will that influence trickle down?
If a customer lacks urgency in deploying a patch, a flaw can linger.
By Sue Poremba • March 25, 2022 -
Carsten Koall via Getty Images
Russian state-sponsored actors target PrintNightmare, MFA settings
ESET researchers are separately warning about new data wiping malware.
By David Jones • March 16, 2022 -
Michael Loccisano via Getty Images
Education sector more prepared for cyberattacks than most
An analysis from Immersive Labs shows K-12 and higher ed are more willing to comply with ransomware demands.
By Kara Arundel • March 11, 2022 -
NicoElNino / Canva
Sponsored by EnzoicThe threat from within: How to address the employee element in password security
There are numerous sides to the password problem, but here are a few common issues to know.
March 7, 2022 -
JohnnyGreig via Getty Images
Medtech, hospitals on alert for cyberattacks after Russia's invasion of Ukraine
The Russia-Ukraine conflict has raised the cyberthreat level for medtech and hospitals, putting patient safety at risk.
By Greg Slabodkin • March 2, 2022 -
iStock / Getty Images Plus via Getty Images
Critical SAP CVEs leave broad exposure, fixes require downtime
Thousands of systems remain vulnerable, including applications not connected to the public internet.
By David Jones • Feb. 17, 2022
Previous
