
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …

91.5% of malware arrived over encrypted connections during Q2 2021
The latest report from the WatchGuard shows an astonishing 91.5% of malware arriving over encrypted connections during Q2 2021. This is a dramatic increase over the previous …

46% of all on-prem databases are vulnerable to attack, breaches expected to grow
46% of all on-prem databases globally are vulnerable to attack, according to a research by Imperva. A five-year longitudinal study comprising nearly 27,000 scanned databases …

A look at the 2021 CWE Top 25 most dangerous software weaknesses
The 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two …

22% of exploits for sale in underground forums are more than three years old
Trend Micro released a research urging organizations to focus patching efforts on the vulnerabilities that pose the greatest risk to their organization, even if they are years …

Cybercriminals customizing malware for attacks on virtual infrastructure
Cyber incidents continue to rise, ransomware accounts for nearly two-thirds of all malware attacks, and more cybercriminals are customizing malware for attacks on virtual …

Dealing with security vulnerabilities on data center servers requires more skilled staff
There is a lot of attention being paid to continuously updating servers to patch security vulnerabilities on Linux servers running in data centers – a basic step …

Corporate attack surfaces growing concurrently with a dispersed workforce
Zscaler released a report on the state of corporate attack surfaces. Based on data sourced between February 2020 and April 2021, the report provides a first-ever look at the …

Enterprise networks vulnerable to 20-year-old exploits
Popular preconceptions of enterprise security and network usage are often inaccurate, according to Cato Networks. While exotic attacks and nation-states such as Russia and …

Security doesn’t always require immediacy
New security threats emerge almost continuously, meaning we now deal with a known unknown. In the past year alone, malware and ransomware use has sharply increased, 43% of …

When exploit code precedes a patch, attackers gain a massive head start
Cybersecurity researchers that publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security …

Defending against Windows RDP attacks
In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in the number …