Patched: Critical bug with public PoC exploit in Cisco infrastructure virtualization software (CVE-2021-34746)
A critical vulnerability (CVE-2021-34746) that affects Cisco Enterprise NFV Infrastructure Software (NFVIS) has been patched and Cisco is urging enterprise admins to quickly …
Realtek SDK vulnerability exploitation attempts detected (CVE-2021-35395)
Threat actors are attempting to exploit CVE-2021-35395, a group of vulnerabilities in the web interface of the Realtek SDK, to spread Mirai malware to vulnerable IoT devices. …
ProxyShell vulnerabilities actively exploited to deliver web shells and ransomware
Three so-called “ProxyShell” vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the …
The value of PII and how it still fuels malign activities in the digital ecosystem
The COVID-19 pandemic engendered new vulnerabilities in the digital ecosystem for threat actors to exploit, resulting in items like vaccines, fraudulent vaccine certificates, …
Ransom demands reaching $1.2M, smaller companies increasingly targeted
Ransom demands have grown substantially over the past year, smaller companies are increasingly targeted, and cyber criminals continue to take advantage of dislocations in how …
There are new unpatched bugs in Windows Print Spooler
Security researchers have unearthed new elevation of privilege (EoP) bugs in Windows Print Spooler, one of the oldest Windows components. Scarce details have been shared about …
Explosion of 0-day exploits: The bad news and the good news
Have you noticed that lately we’ve been hearing more about in-the-wild attacks exploiting 0-day vulnerabilities? “Halfway into 2021, there have been 33 0-day …
22% of exploits for sale in underground forums are more than three years old
Trend Micro released a research urging organizations to focus patching efforts on the vulnerabilities that pose the greatest risk to their organization, even if they are years …
Cybercriminals customizing malware for attacks on virtual infrastructure
Cyber incidents continue to rise, ransomware accounts for nearly two-thirds of all malware attacks, and more cybercriminals are customizing malware for attacks on virtual …
PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)
CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …
Cisco security devices targeted with CVE-2020-3580 PoC exploit
Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently …
Enterprise networks vulnerable to 20-year-old exploits
Popular preconceptions of enterprise security and network usage are often inaccurate, according to Cato Networks. While exotic attacks and nation-states such as Russia and …
Featured news
Sponsored
Don't miss
- BLint: Open-source tool to check the security properties of your executables
- Tailoring responsible AI: Defining ethical guidelines for industry-specific use
- Are you meeting your cyber insurance requirements?
- Black Basta target orgs with new social engineering campaign
- Red teaming: The key ingredient for responsible AI