Please turn on your JavaScript for this page to function normally.
Zyxel
Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

Barracuda
Attackers hacked Barracuda ESG appliances via zero-day since October 2022

Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of …

AI
Generative AI: The new attack vector for trust and safety

Threat actors are abusing generative AI to carry out child sex abuse material (CSAM), disinformation, fraud and extremism, according to ActiveFence. “The explosion of …

ransomware
12 vulnerabilities newly associated with ransomware

In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined, according to Ivanti. Ransomware groups are …

Tools
Prevent attackers from using legitimate tools against you

Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. …

Hand
Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)

Five years ago, security researcher Fernandez Ezequiel discovered a vulnerability (CVE-2018-9995) in many digital video recorder (DVR) brands and released a tool for …

Papercut
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)

An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …

Apple
Apple rushes fixes for exploited zero-days in iPhones and Macs (CVE-2023-28205, CVE-2023-28206)

Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. Reported by …

face
The hidden picture of malware attack trends

Despite the decline in network-detected malware in Q4 2022, endpoint ransomware spiked by 627%, while malware associated with phishing campaigns persisted as a threat, …

snake, threat
Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)

When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been …

vulnerabilities
What you need before the next vulnerability hits

Cyberattacks tend to come from two angles: criminals take advantage of employees with privileged access or of security weaknesses in your hardware/software infrastructure. …

Microsoft Word
PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly …

Don't miss

Cybersecurity news