Lucene search
K

69 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/12/08 3:30 p.m.16 views

2023 Cybersecurity Industry Predictions

With 2022 rapidly coming to a close, this is the time of year where it makes sense to take a step back and look at the year in cybersecurity, and make a few critical predictions for what the industry could face in the year ahead. In order to give the security community some insight into where we’...

7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/11/18 6:44 a.m.1638 views

Hive Ransomware is on the rise. How should you deal with it?

Why Now? Hive is not a new problem. It first surfaced in 2021 but it’s becoming a much bigger issue now. This is due to a growing number of affiliates and therefore attacks. 2022 has seen more widespread country and industry target interest too. Ransomware growth in general is becoming a massive...

10CVSS0.7AI score0.99999EPSS
Exploits18
Qualys Blog
Qualys Blog
added 2022/10/28 10:7 p.m.56 views

Don’t spend another weekend patching Chrome

As we head into the weekend, Google has released an emergency security update for the Chrome desktop web browser to address a high-severity vulnerability known to be exploited in the wild. This is the seventh Chrome zero-day fixed this year by Google. This security bug CVE-2022-3723; QID 377721 i...

9.2AI score0.0675EPSS
Exploits1
Qualys Blog
Qualys Blog
added 2022/09/29 2:32 p.m.38 views

Qualys Threat Research Thursday

Welcome to the second edition of the Qualys Research Team’s “Threat Research Thursday”, where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. Feedback on our first edition, Introducing Qualys Threat Research...

0.2AI score0.98905EPSS
Exploits6
Qualys Blog
Qualys Blog
added 2022/09/08 5:52 p.m.41 views

Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications

Last week, Google released yet another zero-day patch for its Chrome browser to fix a high-severity flaw that was already being exploited. That vulnerability CVE-2022-3075 is the sixth actively exploited zero-day found in Chrome this year. While users are grateful for the urgent patch, it was...

9.6AI score0.0568EPSS
Exploits0
Qualys Blog
Qualys Blog
added 2022/09/07 10:24 p.m.39 views

Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications

Last week, Google released yet another zero-day patch for its Chrome browser to fix a high-severity flaw that was already being exploited. That vulnerability CVE-2022-3075 is the sixth actively exploited zero-day found in Chrome this year. While users are grateful for the urgent patch, it was...

9.6AI score0.0568EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/12/11 4:18 a.m.296 views

Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk

The Apache Software Foundation has released fixes to contain an actively exploited zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. Tracked as...

10CVSS0.9AI score0.99999EPSS
Exploits351
Malwarebytes
Malwarebytes
added 2021/10/04 9:15 a.m.31 views

A week in security (Sept 27 – Oct 3)

Last week on Malwarebytes Labs Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18 Phone screenshots accidentally leaked online by stalkerware-type company FoggyWeb, analysis of a Nobelium backdoor Instagram Kids put on hold Microsoft, CISA and NSA...

7.3AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/09/15 7:0 a.m.133 views

Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks

Recently Atlassian has disclosed a critical RCE Remote Code Execution vulnerability in its Confluence server and Data Center products CVE-2021-26084, which might allow unauthenticated users to execute arbitrary code on vulnerable servers...

9.8CVSS6.1AI score0.99999EPSS
Exploits45
Imperva Blog
Imperva Blog
added 2021/06/30 2:6 p.m.19 views

Mitigating attacks in serverless environments

Serverless computing has become the fastest-growing segment in the cloud services market. The benefits are clear and significant: cost savings and lower operational overhead, giving development teams full control over code and flexibility in the infrastructure. This also means that, in terms of...

0.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/06/02 6:0 p.m.202 views

odix and Microsoft: Protecting users against malware attacks with free FileWall license

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA. The fight against malware has become the epic battle of our generation, placing businesses of all sizes against a never-ending stream of hackers and zero-day attacks bent on...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/02/22 5:51 p.m.109 views

Accellion FTA Zero-Day Attacks Tied to Clop, FIN11

Researchers have identified a set of threat actors dubbed UNC2546 and UNC2582 with connections to the FIN11 and the Clop ransomware gang as the cybercriminal group behind the global zero-day attacks on users of the Accellion legacy File Transfer Appliance product. Click to Register Multiple...

10CVSS1.1AI score0.56411EPSS
Exploits0References9
ThreatPost
ThreatPost
added 2020/11/27 2:0 p.m.34 views

Cybersecurity Predictions for 2021: Robot Overlords No, Connected Car Hacks Yes

Predicting the future is always an iffy proposition. There’s the Nostradamus route, making predictions so cryptic and vague they could mean just about anything. Or you can go the TV psychic route and throw a handful of darts at the wall, highlighting the ones that stick and hope everyone ignores...

7.3AI score
Exploits0References1
The Hacker News
The Hacker News
added 2020/08/12 12:25 p.m.191 views

Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked

Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products. This month's Patch Tuesday updates address a total of 120 newly discovered software vulnerabilities, of which 17 are critical, and th...

10CVSS0.8AI score0.99512EPSS
Exploits76
ThreatPost
ThreatPost
added 2020/06/22 7:9 p.m.28 views

Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms

With Flash Player’s Dec. 31, 2020 kill date quickly approaching, Adobe said that it will start prompting users to uninstall the software in the coming months. The End of Life EOL timeline has been a long time coming. Adobe first announced in July 2017 that it will no longer update or distribute...

0.5AI score
Exploits0References10
HackRead
HackRead
added 2020/05/15 6:9 p.m.36 views

Zero-day attacks are potent cyber threats that require serious response

By Waqas Lately, Zero-day attacks are being exploited to target small as well as large businesses. This is a post from HackRead.com Read the original post: Zero-day attacks are potent cyber threats that require serious response...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/03/27 9:22 p.m.139 views

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report, at least two separate groups of hackers exploite...

10CVSS1.4AI score0.99993EPSS
Exploits7
ThreatPost
ThreatPost
added 2020/02/11 4:9 p.m.108 views

Adobe Addresses Critical Flash, Framemaker Flaws

Adobe has released patches addressing a wave of critical flaws in its Framemaker and Flash Player products, which, if exploited, could lead to arbitrary code-execution. Overall, Adobe stomped out flaws tied to 42 CVEs for its regularly scheduled February updates, with 35 of those flaws being...

10CVSS0.9AI score0.0978EPSS
Exploits1References14
Microsoft Secure
Microsoft Secure
added 2019/10/16 5:0 p.m.69 views

Top 6 email security best practices to protect against phishing attacks and business email compromise

Most cyberattacks start over email—a user is tricked into opening a malicious attachment, or into clicking a malicious link and divulging credentials, or into responding with confidential data. Attackers dupe victims by using carefully crafted emails to build a false sense of trust and/or urgency...

6.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2019/08/27 4:0 p.m.75 views

Improve security and simplify operations with Windows Defender Antivirus + Morphisec

My team at Morphisec a Microsoft Intelligent Security Association MISA partner often talks with security professionals who are well-informed about the latest cyberthreats and have a longterm security strategy. The problem many of them face is how to create a stronger endpoint stack with limited...

0.7AI score
Exploits0
Rows per page
Query Builder