Vulnerability: Page 24


  • Communication network concept. GUI (Graphical User Interface).
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Organizations lag on confidence and policies to manage open source security

    It's taking longer for companies to find open source vulnerabilities, and shaky policies mean only the most critical vulnerabilities are attended to. 

    By June 24, 2022
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Attackers keep targeting VMware Horizon, exploiting unpatched Log4Shell

    In one case, CISA found multiple threat actors compromising an organization using Log4Shell, which leveraged access to gain remote command and control.

    By Naomi Eide • June 24, 2022
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Dozens of vulnerabilities threaten major OT device makers

    Researchers from Forescout’s Vedere Labs found 56 vulnerabilities across big names like Honeywell and Motorola raising design-level security concerns.

    By June 21, 2022
  • close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Microsoft releases long sought patch for Office Follina zero day as CISA, customers assess impact

    The fix comes two weeks after the industry was forced to improvise with a workaround solution, while nation-state and criminal actors exploited the vulnerability.

    By June 15, 2022
  • close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Microsoft resolves critical vulnerability in Azure Synapse after prior patches fall short

    Orca Security warned in January that attackers could gain remote code execution, taking over tenant workspaces.

    By June 14, 2022
  • cybersecurity stock photo
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Tenable CEO calls out Microsoft on lack of transparency on vulnerabilities

    Amit Yoran claims Microsoft failed to acknowledge a critical vulnerability in Azure until Tenable said it would go public.

    By June 13, 2022
  • An aerial view on a sunny morning of several of San Francisco's most well known architectural landmarks. A backdrop of the skyscrapers and Bay Bridge behind them.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    5 takeaways from the RSA Conference

    The event tried to pick up where it left off 28 months ago. Can defenders keep up with the accelerated pace and scale of the cyber threat?

    By June 13, 2022
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Threat actors deploy new attack methods as Microsoft Follina vulnerability lingers

    Researchers discover new vectors, including the use of remote access trojan AsyncRAT.

    By June 10, 2022
  • cybersecurity stock photo
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    FBI, CISA issue warning on China-backed cyber threats against the telecom industry

    State-sponsored actors are targeting small and home office networking equipment for access.

    By June 8, 2022
  • Server room (Sefa Ozel/Getty)
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Attackers aim for Atlassian Confluence zero day with mass, targeted exploitation

    The threat activity comes days after Atlassian released a security fix for the on-premise vulnerability.

    By June 7, 2022
  • A large hallway with supercomputers inside a server room data center.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Atlassian releases fix for critical zero day impacting Confluence

    Attackers could take control of affected devices without need for authentication.

    By June 3, 2022
  • cybersecurity stock photo
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    CISA issues warning after critical zero day hits Atlassian's Confluence

    No patch or workaround is currently available and federal agencies are required to disconnect from the product.

    By June 3, 2022
  • Image attribution tooltip
    Sean Gallup via Getty Images
    Image attribution tooltip

    Food supplier cyber risk spreads 1 year after JBS attack

    Ransomware attacks target common vulnerabilities like legacy OT systems and equipment that lacks modern security tools.

    By June 2, 2022
  • close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Microsoft zero day under attack as industry awaits patch

    One threat actor has been exploiting the Follina vulnerability to deliver malware, Proofpoint researchers said Tuesday.

    By Updated June 8, 2022
  • A group of co-workers surround a computer screen
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Microsoft Office zero day leaves researchers scrambling over the holiday weekend

    The company warns a successful attack could allow an attacker to install programs, delete data or create new accounts. 

    By Updated May 31, 2022
  • Futuristic city VR wire frame with group of people. This is entirely 3D generated image.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Persistent vulnerabilities put VMware on the defense

    Recent flaws earned the company CISA's 10th emergency directive, the latest in a series of potential high-impact flaws for enterprise users.

    By May 27, 2022
  • close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Feds release grim reminder: Threat actors prey on basic security mishaps

    Federal authorities and U.S. allies admonished companies to tighten weak controls and configurations.

    By May 20, 2022
  • A large hallway with supercomputers inside a server room data center.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Critical VMware vulnerabilities resurface after threat actors evade patches within 48 hours

    Even with new patches available, CISA is concerned that threat actors will easily shake off the fixes once again.

    By Updated June 2, 2022
  • Aerial view of the city of Washington DC including the Capitol, the Washington Monument, the National Mall and the Lincoln Memorial at the blue hour
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Tech giants pledge multimillion down payment to secure open source

    Top technology companies offered $30 million toward a two-year goal to bolster software supply chain security.

    By May 13, 2022
  • Image depicts the implementation of cybersecurity with a lock displayed over a screen.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Critical CVEs put Aruba Networks, Avaya enterprise switches at risk

    Researchers previously found similar vulnerabilities in Smart-UPS devices.

    By May 3, 2022
  • Computer language script and coding on screen.
    Image attribution tooltip
    themotioncloud via Getty Images
    Image attribution tooltip

    Familiar names top 2021's most-exploited vulnerabilities list

    Top ransomware operators, including Hive and Conti, are exploiting flawed systems to launch new attacks, researchers warn.

    By May 2, 2022
  • Computer language script and coding on screen.
    Image attribution tooltip
    themotioncloud via Getty Images
    Image attribution tooltip

    IT leaders remain bullish on open source despite security hiccups

    Enterprise adoption of open source has not cooled, but flaws have highlighted the need for a better understanding of dependencies.

    By Brian Eastwood • April 25, 2022
  • A woman looking at her laptop holding a payment card.
    Image attribution tooltip
    Permission granted by Cybersource
    Image attribution tooltip
    Sponsored by Cybersource/Visa

    Merchants prioritize fraud prevention as fraud costs, impact to businesses rise

    Merchants are grappling with which tools to use, which are most effective and how to balance rising fraud attacks on a limited budget without hampering CX.   

    April 25, 2022
  • Communication network concept. GUI (Graphical User Interface).
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    AWS reissues Log4Shell hotpatch after vulnerabilities found

    Researchers warn attackers can escape containers and escalate privileges.

    By April 22, 2022
  • Rendered image depicting global networks.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Threat detection accelerates in Asia, Europe, as notification trends shift

    Median dwell time fell as organizations boosted cybersecurity defenses, shared threat intelligence.

    By April 19, 2022