searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters

exploit

Get our top stories in your inbox

Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)

December 3, 2021

An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including …

After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

November 24, 2021

A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its …

List of IT assets an attacker is most likely to target for exploitation

October 13, 2021

Randori released a report that identifies the most tempting IT assets that an attacker is likely to target and exploit. Leading up to the anniversary of the Solarwinds hack, …

Nagios XI vulnerabilities open enterprise IT infrastructure to attack

September 23, 2021

Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to …

Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings

September 21, 2021

Security misconfigurations are one of the most common gaps hackers look to exploit. One bad configuration setting in a popular cloud platform can have far-reaching …

CVE-2021-40444 exploitation: Researchers find connections to previous attacks

September 16, 2021

The recent targeted attacks exploiting the (at the time) zero-day remote code execution vulnerability (CVE-2021-40444) in Windows via booby-trapped Office documents have been …

Microsoft patches actively exploited MSHTML zero-day RCE (CVE-2021-40444)

September 14, 2021

On September 2021 Patch Tuesday, Microsoft has fixed 66 CVE-numbered vulnerabilities in a wide variety of its solutions. Of these, the most crucial to address is …

Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)

September 14, 2021

Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in …

Patched: Critical bug with public PoC exploit in Cisco infrastructure virtualization software (CVE-2021-34746)

September 3, 2021

A critical vulnerability (CVE-2021-34746) that affects Cisco Enterprise NFV Infrastructure Software (NFVIS) has been patched and Cisco is urging enterprise admins to quickly …

Realtek SDK vulnerability exploitation attempts detected (CVE-2021-35395)

August 24, 2021

Threat actors are attempting to exploit CVE-2021-35395, a group of vulnerabilities in the web interface of the Realtek SDK, to spread Mirai malware to vulnerable IoT devices. …

ProxyShell vulnerabilities actively exploited to deliver web shells and ransomware

August 23, 2021

Three so-called “ProxyShell” vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the …

The value of PII and how it still fuels malign activities in the digital ecosystem

August 10, 2021

The COVID-19 pandemic engendered new vulnerabilities in the digital ecosystem for threat actors to exploit, resulting in items like vaccines, fraudulent vaccine certificates, …

Posts navigation

1 2 3 4 5 6 7 8 … 45

Featured news

  • What you need before the next vulnerability hits
  • Running a security program before your first security hire
  • A bug revealed ChatGPT users’ chat history, personal and billing data
How to protect online privacy in the age of pixel trackers

Sponsored

Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

Security in the cloud with more automation

CISOs struggle with stress and limited resources

How to scale cybersecurity for your business

Don't miss

Europol details ChatGPT’s potential for criminal abuse

What you need before the next vulnerability hits

Running a security program before your first security hire

What the food and building industry can teach us about securing embedded systems

BEC scammers are after physical goods, the FBI warns

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us