Please turn on your JavaScript for this page to function normally.
keyboard
Does a secure coding training platform really work?

As security vulnerabilities are reported to you time and again, you may ask yourself: “Why don’t these developers learn the lesson?” The next thing you may think is: “We …

vulnerabilities
Top 12 vulnerabilities routinely exploited in 2022

Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 …

Barracuda
New persistent backdoor used in attacks on Barracuda ESG appliances

The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection …

laptop
Cryptojacking soars as cyberattacks increase, diversify

Digital threat actors are adopting evolving tactical behaviors, opting for different types of malicious attacks compared to previous years, according to SonicWall. Overall …

Adobe ColdFusion
Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203)

Attackers are exploiting two Adobe ColdFusion vulnerabilities (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells to enable persistent access and allow …

Ryan Woodley
Unlocking internet’s secrets via monitoring, data collection, and analysis

In this Help Net Security interview, Ryan Woodley, CEO of Netcraft, discusses the importance of monitoring, collecting, and analyzing internet data to gain a profound …

Cisco
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility …

Progress MOVEit
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …

Barracuda
Replace Barracuda ESG appliances, company urges

Barracuda Networks is urging customers running phyisical Email Security Gateway (ESG) appliances to replace them immediately, “regardless of patch version level.” …

Chrome
Google triples reward for Chrome full chain exploits

Google has tripled the full reward amount for the first security bug report that includes a functional full chain exploit of its popular Chrome browser. Six months of higher …

Zyxel
Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

Barracuda
Attackers hacked Barracuda ESG appliances via zero-day since October 2022

Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of …

Don't miss

Cybersecurity news