Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)
Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers. News of the attacks broke on Wednesday, when …
New infosec products of the week: September 30, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Illumio, Malwarebytes, Netography, TransUnion, and Truecaller. TransUnion …
Top issues driving cybersecurity: Growing number of cybercriminals, variety of attacks
Fortifying cybersecurity defenses remains a work in progress for many organizations, who acknowledge their shortcomings but have yet to commit the necessary resources to the …
Are you inundated by a never-ending stream of cyberattacks?
Trellix released global research revealing the cost of siloed security, weak spots in protection, and lack of confidence amongst security operations teams. The study of 9,000 …
Office exploits continue to spread more than any other category of malware
The latest Internet Security Report from the WatchGuard Threat Lab shows a reduction in overall malware detections from the peaks seen in the first half of 2021, along with an …
65% of companies are considering adopting VPN alternatives
Despite high awareness of VPN risks, remote work forced many companies to rely more heavily on legacy access methods during the pandemic. At the same time, cybercriminals …
SpyCast: Cross-platform mDNS enumeration tool
SpyCast is a cross-platform mDNS enumeration tool that can work either in active mode by recursively querying services or in passive mode by only listening to multicast …
Data security trends: 7 statistics you need to know
U.S. businesses are at high risk for data security threats from increasingly effective phishing attempts and the lack of procedures to restrict data access, according to …
Multi-platform Chaos malware threatens to live up to its name
Chaos, new multipurpose malware written in the Go programming language, is spreading across the world. “We are seeing a complex malware that has quadrupled in size in just two …
The holy trifecta for developing a secure API
It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks …
Businesses find remote work security risks less daunting than before
After two years of the pandemic, confidence in addressing certain security risks and threats arising from hybrid and remote work has improved among businesses and …
MS SQL servers are getting hacked to deliver ransomware to orgs
Cybercriminals wielding the FARGO (aka Mallox, aka TargetCompany) ransomware are targeting Microsoft SQL (MS SQL) servers, AhnLab’s ASEC analysis team has warned. They …
Featured news
Resources
Don't miss
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)
- Exposure management is the answer to: “Am I working on the right things?”
- Cyberattacks are changing the game for major sports events
- Can your security stack handle AI that thinks for itself?
- July 2025 Patch Tuesday forecast: Take a break from the grind