Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

Podcast 30 Jan 2025
Risk & Repeat: DeepSeek security issues emerge

The introduction of DeepSeek's new generative AI models has been met with fervor, but security issues have created apparent challenges for the Chinese startup. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 29 Jan 2025
Google details adversarial AI activity on Gemini

Google identified APTs from more than 20 nations misusing its Gemini AI chatbot but noted that threat actors were unsuccessful in finding novel techniques or vulnerabilities. Continue Reading
By
- Alexander Culafi, Senior News Writer

News 27 Jun 2024
Supply chain attacks conducted through Polyfill.io service

In February, a Chinese company named Funnell bought the Polyfill.io domain, which sparked concerns in the infosec community about potential supply chain threats. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Jun 2024
LockBit claim about hacking U.S. Federal Reserve fizzles

Evolve Bank & Trust confirmed that it was affected by a cybersecurity-related incident, but has not yet said whether the LockBit ransomware gang was responsible. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Jun 2024
MoveIt Transfer vulnerability targeted amid disclosure drama

Progress Software's MoveIt Transfer is under attack again, just one year after a Clop ransomware actor exploited a different zero-day MoveIt flaw against thousands of customers. Continue Reading
By
- Arielle Waldman, News Writer
Tip 26 Jun 2024
12 common types of malware attacks and how to prevent them

The umbrella term malware is one of the greatest cybersecurity threats enterprises face. Learn about 12 common types of malware and how to prevent them. Continue Reading
By
- Sharon Shea, Executive Editor
- Isabella Harford, TechTarget
Tip 25 Jun 2024
Best practices for protection from ransomware in cloud storage

Cybercriminals are getting smarter and evolving their enterprise attacks. Be proactive -- get out in front of ransomware in cloud storage before the attack occurs. Continue Reading
By
- Julia Borgini, Spacebarpress Media
News 25 Jun 2024
CISA discloses breach of Chemical Security Assessment Tool

The breach, which CISA first disclosed in March, stemmed from Ivanti zero-day vulnerabilities that a Chinese nation-state threat actor first exploited in January. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 25 Jun 2024
EDR vs. antivirus: What's the difference?

Endpoint detection and response and antivirus tools both protect enterprise networks, and both have distinct advantages. Which is better for your organization? Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 25 Jun 2024
What is security information and event management (SIEM)?

Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
News 21 Jun 2024
Biden administration bans Kaspersky Lab products in US

The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jun 2024
SolarWinds Serv-U vulnerability under attack

The Centre for Cybersecurity Belgium observed exploitation against CVE-2024-28995, a high-severity vulnerability in SolarWind's Serv-U file transfer product. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Jun 2024
Phoenix SecureCore UEFI firmware bug affects Intel processors

Multiple Intel processors and hundreds of PC models are potentially vulnerable to a recently disclosed vulnerability in Phoenix SecureCore UEFI firmware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jun 2024
How Amazon's decision to ditch Active Directory paid off

Amazon's decision to build its own identity and access management system was an expensive one, but an infamous supply chain attack validated the move. Continue Reading
By
- Rob Wright, Senior News Director
Definition 20 Jun 2024
zero-day vulnerability

A zero-day vulnerability is a security loophole in software, hardware or firmware that threat actors exploit before the vendors can identify and patch it. Continue Reading
By
- Kinza Yasar, Technical Writer
- Brien Posey
- Sharon Shea, Executive Editor
Tip 17 Jun 2024
How deepfakes threaten biometric security controls

Biometric security controls are under attack by deepfakes -- convincing images, videos and audio created by generative AI. But all is not lost. Learn how to mitigate the risk. Continue Reading
By
- Jerald Murphy, Nemertes Research
News 12 Jun 2024
Black Basta might have exploited Microsoft flaw as zero-day

While investigating a ransomware attack, Symantec found evidence that suggests Black Basta threat actors exploited a Microsoft vulnerability as a zero-day. Continue Reading
By
- Arielle Waldman, News Writer
Answer 12 Jun 2024
Zero trust vs. defense in depth: What are the differences?

Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Feature 11 Jun 2024
Hacking vs. spoofing: What's the difference?

While email, text and phone enable instant communication in a technology-driven world, they also expose individuals and companies to cyberattacks such as hacking and spoofing. Continue Reading
By
- Ava DePasquale
Definition 10 Jun 2024
communications intelligence (COMINT)

Communications intelligence (COMINT) is information gathered from the communications between individuals or groups of individuals, including telephone conversations, text messages, email conversations, radio calls and online interactions. Continue Reading
By
- Rahul Awati
Definition 07 Jun 2024
electronic intelligence (ELINT)

Electronic intelligence (ELINT) is intelligence gathered using electronic sensors, usually used in military applications. Continue Reading
By
- Rahul Awati
News 06 Jun 2024
Critical Progress Telerik vulnerability under attack

Threat actors are targeting vulnerable Progress Telerik Report Server systems just days after a proof of concept was published detailing a vulnerability exploit chain. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Jun 2024
Ransomware ravaged schools and cities in May

The public sector took the brunt of ransomware in May, while another damaging attack against a healthcare company disrupted patient access to pharmacy services. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 05 Jun 2024
Risk & Repeat: Sorting out Snowflake's security mess

This podcast episode discusses the recent attacks against Snowflake customers and a controversial report that claimed the cloud storage and analytics giant had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
Answer 05 Jun 2024
Reporting ransomware attacks: Steps to take

The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. This expert advice outlines the process. Continue Reading
By
- Kyle Johnson, Technology Editor
News 04 Jun 2024
Tenable warns of vulnerability in Azure service tags

Microsoft disagreed with Tenable's assessment, saying the security issue in Azure service tags is not a vulnerability and that additional authentication layers are required. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 04 Jun 2024
ChatGPT plugin flaws introduce enterprise security risks

Insecure plugin design -- one of the top 10 LLM vulnerabilities, according to OWASP -- opens enterprises to attacks. Explore ChatGPT plugin security risks and how to mitigate them. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 30 May 2024
Law enforcement conducts 'largest ever' botnet takedown

An international law enforcement effort called 'Operation Endgame' disrupted several infamous malware loaders and botnets used by ransomware gangs and other cybercriminals. Continue Reading
By
- Arielle Waldman, News Writer
Answer 30 May 2024
What is extortionware? How does it differ from ransomware?

Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Feature 29 May 2024
Why healthcare data is often the target of ransomware attacks

The healthcare industry relies heavily on IT systems. Sensitive patient data is valuable to hackers, leading to ransomware attacks that disrupt operations and endanger lives. Continue Reading
By
- Sean Michael Kerner
News 29 May 2024
Check Point discovers vulnerability tied to VPN attacks

While Check Point identified CVE-2024-24919 as the root cause behind recent attack attempts on its VPN products, it's unclear if threat actors gained access to customer networks. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
Tip 23 May 2024
What role does an initial access broker play in the RaaS model?

Initial access brokers play an increasingly vital role in the ransomware ecosystem, establishing entry points from which RaaS groups can facilitate attacks against organizations. Continue Reading
By
- Amanda Scheldt
News 23 May 2024
93% of vulnerabilities unanalyzed by NVD since February

New research from VulnCheck shows the NIST's National Vulnerability Database has struggled to manage a growing number of reported vulnerabilities this year. Continue Reading
By
- Arielle Waldman, News Writer
News 21 May 2024
Critical bug discovered in open source utility Fluent Bit

Tenable researchers discovered a critical vulnerability, dubbed 'Linguistic Lumberjack,' in Fluent Bit, an open source logging utility widely used by major cloud providers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 May 2024
Rapid7 warns of alarming zero-day vulnerability trends

The cybersecurity vendor tracked vulnerabilities that were used by threat actors in mass compromise events and found more than half were exploited as zero days. Continue Reading
By
- Arielle Waldman, News Writer
Definition 20 May 2024
ATM jackpotting

ATM jackpotting is the exploitation of physical and software vulnerabilities in automated banking machines that result in the machines dispensing cash. Continue Reading
By
- Rahul Awati
Podcast 15 May 2024
Risk & Repeat: Recapping RSA Conference 2024

Artificial intelligence was center stage at RSA Conference 2024, but the show also focused on secure-by-design principles, the ransomware landscape and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 15 May 2024
Common Vulnerability Scoring System (CVSS)

The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems. Continue Reading
By
- Kinza Yasar, Technical Writer
- Alexander S. Gillis, Technical Writer and Editor
- Madelyn Bacon, TechTarget
News 14 May 2024
Google discloses 2 zero-day vulnerabilities in less than a week

Google released fixed versions to address the two vulnerabilities in its Chrome web browser, but the updates will roll out in stages with no specific dates available. Continue Reading
By
- Arielle Waldman, News Writer
Tip 14 May 2024
Cloud vulnerability management: A complete guide

Your security strategy might not grapple directly with cloud vulnerability management. Is it time to consider the possible benefits and challenges of this emerging product class? Continue Reading
By
- Ed Scannell, Freelancer
Tip 14 May 2024
RSAC panel debates confidence in post-quantum cryptography

The Cryptographers' Panel at RSAC offered opinions on their confidence in PQC following the release of a paper questioning lattice-based encryption's viability. Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 14 May 2024
bug bounty program

A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals like ethical hackers and security researchers for discovering and reporting vulnerabilities and bugs in software. Continue Reading
By
- Rahul Awati
Definition 10 May 2024
SD-WAN security

SD-WAN security refers to the practices, protocols and technologies protecting data and resources transmitted across software-defined wide area network infrastructure. Continue Reading
By
- Andy Patrizio
Definition 10 May 2024
virtual machine escape

A virtual machine escape is an exploit in which an attacker runs code on a VM that lets the operating system (OS) running within it break out and interact directly with the hypervisor. Continue Reading
By
- Rahul Awati
News 09 May 2024
Dell 'security incident' might affect millions

Dell notified customers that a company portal connected to customer data exposed orders, names and addresses, while reports indicate the data is now up for sale on the dark web. Continue Reading
By
- Tim McCarthy, News Writer
Definition 09 May 2024
threat actor

A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that affects -- or has the potential to affect -- an organization's security. Continue Reading
By
- Rahul Awati
- Ivy Wigmore
Feature 09 May 2024
Build a resilient network: What I learned from 5 thought leaders

At the 2024 'Strategies for a Resilient Network' summit, five thought leaders shared best practices to help you achieve optimal network resiliency. Learn more. Continue Reading
By
- Natasha Carter, Director of Partnerships and Event Content
News 08 May 2024
National Security Agency warns against paying ransoms

Rob Joyce and David Luber, former and current directors of cybersecurity at the NSA, discuss how the ransomware attack on Change Healthcare exemplified the cons of paying ransoms. Continue Reading
By
- Arielle Waldman, News Writer
Tip 08 May 2024
Patch management vs. vulnerability management: Key differences

Although patch and vulnerability management are intertwined, they differ in critical ways. It's important to have distinct tools and processes to execute both effectively. Continue Reading
By
- Esther Shein
Tip 08 May 2024
VM security in cloud computing explained

Cloud computing allows an organization to reduce its risks by having to secure fewer resources. The tradeoff is that cloud creates more attack vectors. Don't let VMs trip you up. Continue Reading
By
- Char Sample, ICF International
News 08 May 2024
White House: Threats to critical infrastructure are 'severe'

While the White House released the new National Cybersecurity Strategy last year to help combat threats to critical infrastructure organizations, attacks have continued. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2024
SentinelOne: Ransomware actors are adapting to EDR

At RSA Conference 2024, SentinelOne's Alex Stamos discussed ongoing global threats such as ransomware and how threat actors are changing their techniques. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2024
U.S. agencies continue to observe Volt Typhoon intrusions

A panel of experts at RSA Conference 2024 discussed Volt Typhoon and warned the Chinese nation-state threat group is still targeting and compromising U.S. organizations. Continue Reading
By
- Arielle Waldman, News Writer
Tip 07 May 2024
How to detect deepfakes manually and using AI

Deepfakes rely on AI to generate realistic but counterfeit content. A variety of automated tools and manual hints can help organizations pinpoint deepfake videos and images. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 06 May 2024
Recorded Future observes 'concerning' hacktivism shift

At RSA Conference 2024, Recorded Future detailed alarming trends as nation-state attackers operate under the guise of hacktivism to cover real threats to organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 06 May 2024
IBM study shows security for GenAI projects is an afterthought

IBM's survey of C-suite executives finds that 82% say trustworthy and secure AI are essential, but only 24% have a security component included in their GenAI projects. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 02 May 2024
What is a potentially unwanted program (PUP)?

A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download it. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 01 May 2024
U.S. warns of pro-Russian hacktivist attacks against OT systems

CISA calls on OT device manufacturers to implement more effective security protocols as attacks against critical infrastructure organizations continue. Continue Reading
By
- Arielle Waldman, News Writer
News 01 May 2024
Verizon DBIR: Vulnerability exploitation in breaches up 180%

Verizon said it examined approximately twice as many breaches for the 2024 Data Breach Investigations Report -- 10,626 out of 30,458 total tracked incidents. Continue Reading
By
- Alexander Culafi, Senior News Writer
Conference Coverage 01 May 2024
RSA Conference 2024 focuses on collaboration, resilience

Follow TechTarget Security's RSAC 2024 guide for pre-conference insights and the most pressing presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
News 25 Apr 2024
Risk & Repeat: Change Healthcare's bad ransomware bet

This Risk & Repeat podcast discusses Change Healthcare's ransomware attack and the apparent further spread of sensitive data despite the company paying a ransom. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
News 25 Apr 2024
Cisco zero-day flaws in ASA, FTD software under attack

Cisco revealed that a nation-state threat campaign dubbed 'ArcaneDoor' exploited two zero-day vulnerabilities in its Adaptive Security Appliance and Firepower Threat Defense products. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 24 Apr 2024
Critical CrushFTP zero-day vulnerability under attack

While a patch is now available, a critical CrushFTP vulnerability came under attack as a zero-day and could allow attackers to exfiltrate all files on the server. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Apr 2024
Coalition: Insurance claims for Cisco ASA users spiked in 2023

Coalition urged enterprises to be cautious when using Cisco and Fortinet network boundary devices as attackers can leverage the attack vectors to gain initial access. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Apr 2024
GitHub vulnerability leaks sensitive security reports

The vulnerability is triggered when GitHub users correct code or other mistakes they discover on repositories. But GitHub does not believe it warrants a fix. Continue Reading
By
- Arielle Waldman, News Writer
Tip 24 Apr 2024
Traditional MFA isn't enough, phishing-resistant MFA is key

Not every MFA technique is effective in combating phishing attacks. Enterprises need to consider new approaches to protect end users from fraudulent emails. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
News 23 Apr 2024
U.S. cracks down on commercial spyware with visa restrictions

The move marks the latest effort by the U.S. government to curb the spread of commercial spyware, which has been used to target journalists, politicians and human rights activists. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 23 Apr 2024
Creating a patch management policy: Step-by-step guide

A comprehensive patch management policy is insurance against security vulnerabilities and bugs in networked hardware and software that can disrupt your critical business processes. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 23 Apr 2024
Mandiant: Attacker dwell time down, ransomware up in 2023

Mandiant's 'M-Trends' 2024 report offered positive signs for global cybersecurity but warned that threat actors are shifting to zero-day exploitation and evasion techniques. Continue Reading
By
- Rob Wright, Senior News Director
News 22 Apr 2024
Mitre breached by nation-state threat actor via Ivanti flaws

An unnamed nation-state threat actor breached Mitre through two Ivanti Connect Secure zero-day vulnerabilities, CVE-2023-46805 and CVE-2024-21887, disclosed earlier this year. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 19 Apr 2024
CISA: Akira ransomware extorted $42M from 250+ victims

The Akira ransomware gang, which utilizes sophisticated hybrid encryption techniques and multiple ransomware variants, targeted vulnerable Cisco VPNs in a campaign last year. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 18 Apr 2024
Cisco discloses high-severity vulnerability, PoC available

The security vendor released fixes for a vulnerability that affects Cisco Integrated Management Controller, which is used by devices including routers and servers. Continue Reading
By
- Arielle Waldman, News Writer
News 17 Apr 2024
Mandiant upgrades Sandworm to APT44 due to increasing threat

Over the past decade, Sandworm has been responsible for high-severity attacks that highlight the group's persistence, evasion techniques and threat to government bodies. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Apr 2024
CISA: Midnight Blizzard obtained federal agency emails

CISA ordered U.S. federal agencies to reset any credentials exposed by Midnight Blizzard's breach against Microsoft and notify CISA in the case of a known or suspected compromise. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 12 Apr 2024
Palo Alto Networks discloses RCE zero-day vulnerability

Threat actors have exploited the remote code injection flaw, which affects the GlobalProtect gateway in Palo Alto Networks' PAN-OS software, in a 'limited' number of attacks. Continue Reading
By
- Rob Wright, Senior News Director
Opinion 10 Apr 2024
5 trends in the cyber insurance evolution

As cyber insurance companies evolve, they will wield more power throughout the industry. Check out five areas where cyber insurance trends are changing the cybersecurity market. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 10 Apr 2024
fraud detection

Fraud detection is a set of activities undertaken to prevent money or property from being obtained through false pretenses. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 09 Apr 2024
Unit 42: Malware-initiated scanning attacks on the rise

Palo Alto Networks' research team warned of threat actors compromising one victim and then using that victim's resources to discreetly scan for vulnerabilities on other systems. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 09 Apr 2024
Why the Keitaro TDS keeps causing security headaches

Keitaro insists it is on the side of the law, but threat actors continue to flock to the software company's traffic distribution system to redirect users to malicious domains. Continue Reading
By
- Rob Wright, Senior News Director
News 08 Apr 2024
Flaws in legacy D-Link NAS devices under attack

Internet scans show threat actors are targeting CVE-2024-3273 in thousands of end-of-life D-Link NAS devices, and exploitation requires no authentication. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 05 Apr 2024
Risk & Repeat: Cyber Safety Review Board takes Microsoft to task

This podcast episode discusses the Cyber Safety Review Board's report on Microsoft and its conclusion that the software giant must overhaul its security culture. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Apr 2024
Ransomware attacks ravaged municipal governments in March

Many municipalities across the U.S. faced network outages, data breaches and large ransom demands following a flurry of ransomware attacks last month. Continue Reading
By
- Arielle Waldman, News Writer
News 04 Apr 2024
Infosec professionals praise CSRB report on Microsoft breach

Security professionals and executives weigh in on how the Cyber Safety Review Board handled its investigation into Microsoft and what it could mean for the tech giant. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 04 Apr 2024
5 top OT threats and security challenges

Securing operational technology is particularly critical but also especially challenging. Consider these top OT threats and how to manage them. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
News 03 Apr 2024
Cyber Safety Review Board slams Microsoft security failures

The Department of Homeland Security's Cyber Safety Review Board said a 'cascade' of errors at Microsoft allowed nation-state hackers to access U.S. government emails last year. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 03 Apr 2024
Trend Micro: LockBit ransomware gang's comeback is failing

LockBit is struggling to resume operations in part due to the name-and-shame aspect of the international law enforcement operation responsible for the gang's disruption. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 02 Apr 2024
Cloud computing forensics techniques for evidence acquisition

With the proper tools and methodologies, security teams can provide analysts with the critical pieces required to complete cloud computing forensics investigations. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 01 Apr 2024
XZ backdoor discovery reveals Linux supply chain attack

A maintainer for XZ, a popular open source compression library for Linux distributions, compromised the open source project over the course of two years. Continue Reading
By
- Rob Wright, Senior News Director
- Alexander Culafi, Senior News Writer
News 29 Mar 2024
Typosquatting campaign, malicious packages slam PyPI

Threat actors used automated typosquatting attacks to lead victims to malicious python packages in yet another campaign targeting the open-source software supply chain. Continue Reading
By
- Alexander Culafi, Senior News Writer
Opinion 28 Mar 2024
5 areas to help secure your cyber-risk management program

To meet the challenges of managing cyber-risk, organizations need to have a cyber-risk management plan in place. Look at five areas to better secure your organization's assets. Continue Reading
By
- David Vance
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 28 Mar 2024
Microsoft Teams phishing attacks and how to prevent them

Users who think phishing happens only over email should think again. Learn about recent Microsoft Teams phishing attacks and how to defend against them. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 27 Mar 2024
Spyware vendors behind 75% of zero-days targeting Google

Google observed 97 zero-day vulnerabilities exploited in the wild last year, which was more than a 50% increase over the 62 exploited zero-day vulnerabilities tracked in 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 27 Mar 2024
Unpatched flaw in Anyscale's Ray AI framework under attack

Oligo Security researchers say thousands of Ray servers have been compromised through the flaw, but Anyscale said it has received no reports of exploitation. Continue Reading
By
- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
News 27 Mar 2024
Flashpoint observes 84% surge in ransomware attacks in 2023

The threat intelligence vendor anticipates that enterprises will continue to face increases in ransomware activity and data breaches in 2024, with some silver linings ahead. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Mar 2024
SQL injection vulnerability in Fortinet software under attack

Fortinet and CISA confirmed CVE-2023-48788 is being actively exploited. But the Shadowserver Foundation found that many vulnerable instances remain online. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Mar 2024
Top.gg supply chain attack highlights subtle risks

Threat actors used fake Python infrastructure and cookie stealing to poison multiple GitHub code repositories, putting another spotlight on supply chain risks. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Beth Pariseau, Senior News Writer
News 22 Mar 2024
'GoFetch' attack spells trouble for Apple M-series chips

Academic researchers discovered a hardware optimization feature called 'data memory-dependent prefetcher' could be abused to extract secret encryption keys from vulnerable systems. Continue Reading
By
- Rob Wright, Senior News Director
News 21 Mar 2024
AWS fixes 'FlowFixation' vulnerability for account hijacking

A Tenable researcher discovered a session fixation flaw in AWS Managed Workflows for Apache Airflow that, combined with a misconfiguration, could enable account hijacking. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 Mar 2024
NCC Group: Ransomware attacks jump 73% in February

While NCC Group expected an increase in ransomware attacks from January to February, year-over-year data showed just how persistent the threat is to enterprises. Continue Reading
By
- Arielle Waldman, News Writer
Tip 21 Mar 2024
10 remote work cybersecurity risks and how to prevent them

Larger attack surfaces, limited oversight of data use and more vulnerable technologies are among the security risks faced in remote work environments. Continue Reading
By
- Mary K. Pratt
News 20 Mar 2024
CISA urges defensive actions against Volt Typhoon threats

The U.S. cybersecurity agency advised critical infrastructure leaders to adopt several best practices and defensive measures to protect against Chinese state-sponsored attacks. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 20 Mar 2024
How to defend against phishing as a service and phishing kits

Phishing is a perennial thorn in the side of enterprise security. Thanks to phishing-as-a-service offerings and phishing kits, the problem will only get worse. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec