vulnerability
Massive rise in threats across expanding attack surfaces
There was a massive increase in cyber threats globally year-over-year fueled by both the pandemic and expanding attack surfaces, Skybox Security reveals. Expanding attack …
ICS threat landscape highlights
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed …
Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!
The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly …
Attackers disrupting COVID-19 efforts and critical supply chains
Cyberattacks evolved in 2020 as threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic, IBM …
CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses
As browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which …
U.S. municipalities are the perfect target for cybercriminals in 2021
On Feb 5th, 2021, a hacker gained remote access to a water treatment plant in Oldsmar, Florida, and was able to adjust the amount of sodium hydroxide in the water from 100 …
Researchers propose more secure and private mobile contact tracing
For public health officials, contact tracing remains critical to managing the spread of the coronavirus — particularly as it appears that variants of the virus could be …
Accellion FTA attacks, extortion attempts might be the work of FIN11
Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted …
10 COVID-19-related lessons for future-ready cybersecurity
In 2020, we experienced wave after wave of COVID-19 surges and watched failure after failure at practicing what we knew were effective preventative measures. Similarly, in …
Business email compromise is a top concern for banks
Bottomline and Strategic Treasurer released the results of a survey that gathered details about corporate and banking experiences, actions and plans regarding fraud. Results …
57% of vulnerabilities in 2020 were classified as critical or high severity
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity – an all-time high. Redscan’s analysis looks beyond severity scores, …
Cybersecurity risks connected to AI in autonomous vehicles
By removing the most common cause of traffic accidents – the human driver – autonomous vehicles are expected to reduce traffic accidents and fatalities. However, they may pose …
Featured news
Resources
Don't miss
- ClickFix campaign delivers Mac malware via fake Apple page
- Poisoned “Office 365” search results lead to stolen paychecks
- What vibe hunting gets right about AI threat hunting, and where it breaks down
- Health insurance lead sites sell personal data within seconds of form submission
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)