vulnerability
Exchange Servers targeted via zero-day exploits, have yours been hit?
Microsoft has released out-of-band security updates for seven bugs affecting Microsoft Exchange Servers, four of which are zero-day vulnerabilities being exploited by …
Enterprises observing uptick in risky behaviors since shift to remote work
Tanium released a report to evaluate the primary IT operations and security challenges organizations have faced amid the large-scale shift to remote work in the COVID-19 era, …
Critical flaw in Rockwell PLCs allows attackers to fiddle with them (CVE-2021-22681)
A critical, easy to exploit vulnerability (CVE-2021-22681) may allow attackers to remotely connect to a number of Rockwell Automation’s programmable logic controllers …
Insights for navigating a drastically changing threat landscape
In a recent report, Trend Micro announced it detected 119,000 cyber threats per minute in 2020 as home workers and infrastructure came under new pressure from attacks. Attacks …
Massive rise in threats across expanding attack surfaces
There was a massive increase in cyber threats globally year-over-year fueled by both the pandemic and expanding attack surfaces, Skybox Security reveals. Expanding attack …
ICS threat landscape highlights
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed …
Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!
The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly …
Attackers disrupting COVID-19 efforts and critical supply chains
Cyberattacks evolved in 2020 as threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic, IBM …
CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses
As browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which …
U.S. municipalities are the perfect target for cybercriminals in 2021
On Feb 5th, 2021, a hacker gained remote access to a water treatment plant in Oldsmar, Florida, and was able to adjust the amount of sodium hydroxide in the water from 100 …
Researchers propose more secure and private mobile contact tracing
For public health officials, contact tracing remains critical to managing the spread of the coronavirus — particularly as it appears that variants of the virus could be …
Accellion FTA attacks, extortion attempts might be the work of FIN11
Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted …
Featured news
Resources
Don't miss
- CISA warns about actively exploited Broadcom, Commvault vulnerabilities
- Marks & Spencer cyber incident linked to ransomware group
- Eyes, ears, and now arms: IoT is alive
- What’s worth automating in cyber hygiene, and what’s not
- Want faster products and stronger trust? Build security in, not bolt it on