-
It’s one thing for APT groups to conduct cyber espionage to meet their own financial objectives. But it’s an entirely different matter when they are used as “hackers for hire” by competing private companies to make away with confidential information.
-
Cybersecurity researchers have detailed as many as five severe security flaws in the implementation of TLS protocol in several models of Aruba and Avaya network switches that could be abused to gain remote access to enterprise networks and steal valuable information.
-
Microsoft’s Defender ATP Research Team today issued guidance on how to defend against attacks targeting Exchange servers by blocking malicious activity identified with the help of behavior-based detection.
-
Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January 20, 2023.
-
Hackers are actively exploiting a critical remote code execution vulnerability allowing unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable File Manager plugin versions.
-
A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol.
-
Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems.
-
Two days after patches for critical F5 BIG-IP vulnerability were released, security researchers have started publicly posting proof-of-concept (PoC) exploits show how easy it is to exploit these devices.
-
Days after F5 released patches for a critical remote code execution vulnerability affecting its BIG-IP family of products, security researchers are warning that they were able to create an exploit for the shortcoming.
-
A SonicWall SMA 100 zero-day vulnerability is being actively exploited in the wild, according to a tweet by cybersecurity firm NCC Group.
-
Users of Zoho ManageEngine are being urged to patch their instances against a critical security vulnerability ahead of the release of a proof-of-concept (PoC) exploit code.
-
Ερευνητές κυβερνοαφάλειας προειδοποιούν για χάκερ που υποστηρίζονται από την Κίνα ότι εκμεταλλεύονται μια ευπάθεια του Microsoft Office που δεν έχει επιδιορθωθεί, μηδενικής ημέρας, γνωστή ως “Follina” για να εκτελέσουν εξ αποστάσεως κακόβουλο κώδικα σε συστήματα Windows.