Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

News 15 Nov 2024
Palo Alto Networks PAN-OS management interfaces under attack

Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Nov 2024
Infoblox: 800,000 domains vulnerable to hijacking attack

While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive. Continue Reading
By
- Arielle Waldman, News Writer

News 10 May 2023
Akamai bypasses mitigation for critical Microsoft Outlook flaw

Enterprises might remain vulnerable to a critical Outlook flaw that Microsoft patched in March, as an Akamai researcher uncovered a way to bypass remediation efforts. Continue Reading
By
- Arielle Waldman, News Writer
Definition 09 May 2023
juice jacking

Juice jacking is a security exploit in which an infected USB charging station is used to compromise devices that connect to it. Continue Reading
By
- Laura Fitzgibbons
Definition 09 May 2023
hypervisor security

Hypervisor security is the process of ensuring the hypervisor -- the software that enables virtualization -- is secure throughout its lifecycle. Continue Reading
By
- TechTarget Contributor
News 08 May 2023
Intel BootGuard private keys leaked following MSI hack

Intel said it was "actively investigating" reports that OEM BootGuard keys were stolen and leaked by ransomware actors following a breach at motherboard maker MSI Continue Reading
By
- Alexander Culafi, Senior News Writer
News 08 May 2023
Western Digital confirms ransomware actors stole customer data

Western Digital issued an update late Friday that confirmed customer data was stolen in an attack for which Alphv ransomware actors claimed responsibility. Continue Reading
By
- Arielle Waldman, News Writer
News 04 May 2023
Ransomware gangs display ruthless extortion tactics in April

Ransomware groups are pressuring enterprises into paying with harsher extortion tactics, contacting individual victims directly and leaking stolen photos and video footage. Continue Reading
By
- Arielle Waldman, News Writer
Feature 03 May 2023
Studies show ransomware has already caused patient deaths

No patient deaths have been definitively attributed to cyber attacks on hospitals, but some infosec experts say that statistical evidence shows a different, grim reality. Continue Reading
By
- Alexis Zacharakos, Student Co-op
Feature 02 May 2023
Where climate change and cyber attacks intersect

One session at RSA Conference 2023 focused on climate change -- a topic that is not commonly featured during cybersecurity conversations, but should be. Continue Reading
By
- Sharon Shea, Executive Editor
Definition 01 May 2023
Web application firewall (WAF)

A web application firewall (WAF) is a firewall that monitors, filters and blocks Hypertext Transfer Protocol (HTTP) traffic as it travels to and from a website or web application. Continue Reading
By
- Kinza Yasar, Technical Writer
Feature 28 Apr 2023
It's time to harden AI and ML for cybersecurity

An RSA Conference panel said that now is the time to become proactive against AI and ML adversarial attacks -- before they become more sophisticated. Continue Reading
By
- Kyle Johnson, Technology Editor
News 25 Apr 2023
Bugcrowd CTO talks hacker feedback, vulnerability disclosure

Bugcrowd CTO Casey Ellis said the company's new penetration testing service helps establish the company beyond public perception of it being purely a bug bounty platform. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 25 Apr 2023
Google, Mandiant highlight top threats, evolving adversaries

Enterprises are struggling to keep up as adversary groups improve tactics. But one of the most difficult groups to defend against, according to Google and Mandiant, was a surprise. Continue Reading
By
- Arielle Waldman, News Writer
Definition 25 Apr 2023
smishing (SMS phishing)

Smishing -- or Short Message Service (SMS) phishing -- is a social engineering tactic cybercriminals use to trick people into divulging sensitive information over text messages. Continue Reading
By
- Kinza Yasar, Technical Writer
Tip 21 Apr 2023
How to create an SBOM, with example and template

SBOMs help organizations inventory every component in their software. This free template, which includes an SBOM example, can help you secure your own software supply chain. Continue Reading
By
- Rob Shapland
News 20 Apr 2023
Fortra completes GoAnywhere MFT investigation

An investigation around the zero-day attack that affected a growing number of victims revealed that activity started earlier than Fortra initially reported. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Apr 2023
Mandiant: 3CX breach caused by second supply chain attack

Trading Technologies said in a statement it had 'not had the ability to verify the assertions in Mandiant's report' that its software played a role in the 3CX supply chain attack. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 19 Apr 2023
firewall

A firewall is a network security device that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
News 18 Apr 2023
Mandiant: 63% of breaches were discovered externally in 2022

Mandiant said the 2022 increase is most likely affected by the threat intelligence firm proactively investigating threat activity targeting Ukraine last year. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 14 Apr 2023
Pen testing amid the rise of AI-powered threat actors

The importance of pen testing continues to increase in the era of AI-powered attacks, along with red teaming, risk prioritization and well-defined goals for security teams. Continue Reading
By
- Ed Skoudis, SANS Technology Institute
Tutorial 13 Apr 2023
How to use the John the Ripper password cracker

Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading
By
- Ed Moyle, Drake Software
News 13 Apr 2023
Hacking Policy Council launches, aims to improve bug disclosure

Founding members for the Hacking Policy Council, launched Thursday by the Center for Cybersecurity Policy and Law, include HackerOne, Bugcrowd, Google and others. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 13 Apr 2023
Microsoft Defender for Endpoint (formerly Windows Defender ATP)

Microsoft Defender for Endpoint -- formerly Microsoft Defender Advanced Threat Protection or Windows Defender ATP -- is an endpoint security platform designed to help enterprise-class organizations prevent, detect and respond to security threats. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Brien Posey
News 12 Apr 2023
OpenAI launches bug bounty program with Bugcrowd

ChatGPT publisher OpenAI said its new Bugcrowd bug bounty program will not accept submissions involving "issues related to the content of model prompts and responses." Continue Reading
By
- Alexander Culafi, Senior News Writer
News 12 Apr 2023
Nokoyawa ransomware exploits Windows CLFS zero-day

The Nokoyawa ransomware attacks highlight the growing use of zero-day exploits by a variety of threat groups, including financially motivated cybercriminals. Continue Reading
By
- Arielle Waldman, News Writer
Tip 11 Apr 2023
How to fix the top 5 API vulnerabilities

APIs are more ubiquitous than ever, but many are still subject to well-known and often easily preventable vulnerabilities. Continue Reading
By
- Michael Cobb
News 07 Apr 2023
Microsoft, Fortra get court order to disrupt Cobalt Strike

Microsoft, Fortra and the Health Information Sharing and Analysis center announced they obtained a court order in an effort to curb malicious Cobalt Strike use. Continue Reading
By
- Arielle Waldman, News Writer
Tip 07 Apr 2023
5 ChatGPT security risks in the enterprise

Whether in the hands of cybercriminals or oblivious end users, ChatGPT introduces new security risks. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Ashwin Krishnan, StandOutin90Sec
Definition 05 Apr 2023
post-quantum cryptography

Post-quantum cryptography, also known as quantum encryption, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers. Continue Reading
By
- Rob Clyde, Isaca
- Alexander S. Gillis, Technical Writer and Editor
News 05 Apr 2023
42% of IT leaders told to maintain breach confidentiality

While transparency and prompt reporting are important steps following an attack, Bitdefender found that many IT professionals were told to maintain confidentiality after a breach. Continue Reading
By
- Arielle Waldman, News Writer
News 04 Apr 2023
March ransomware disclosures spike behind Clop attacks

The Clop ransomware gang claimed responsibility for several disclosed ransomware attacks on major enterprises, which stemmed from a zero-day flaw in Fortra's GoAnywhere software. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 04 Apr 2023
Risk & Repeat: Inside the 3CX supply chain attack

This podcast episode discusses the 3CX supply chain attack, where it may have started, who was behind it and how the unified communications vendor has responded to the incident. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 03 Apr 2023
Source of 3CX supply chain attack unclear as fallout continues

Multiple statements originally referenced a third-party library as the apparent source for 3CX's recent supply chain attack, but that may no longer be the case. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 03 Apr 2023
Why medical device vulnerabilities are hard to prioritize

Vulnerabilities in critical medical devices could lead to loss of life. But opinions are mixed on how serious the risk is to patient safety and how best to address the flaws. Continue Reading
By
- Alexis Zacharakos, Student Co-op
News 30 Mar 2023
Azure Pipelines vulnerability spotlights supply chain threats

Legit Security researchers discovered a remote code execution flaw within Microsoft's Azure DevOps platform that could give threat actors complete control of development pipelines. Continue Reading
By
- Beth Pariseau, Senior News Writer
- Rob Wright, Senior News Director
News 29 Mar 2023
Google: Spyware vendors exploiting iOS, Android zero days

Recent campaigns observed by Google's Threat Analysis Group showed spyware vendors' use of zero days and known vulnerabilities pose an increasing threat. Continue Reading
By
- Arielle Waldman, News Writer
Tip 29 Mar 2023
Vulnerability management vs. risk management, compared

Vulnerability management seeks out security weaknesses in an organization, while risk management involves looking holistically at how the company is running. Continue Reading
By
- Ravi Das, ML Tech Inc.
Feature 28 Mar 2023
Top 9 cryptocurrency hacks of 2022

Top 9 cryptocurrency hacks of 2022 Continue Reading
By
- Amanda Hetler, Senior Editor
Feature 28 Mar 2023
Publicly disclosed U.S. ransomware attacks in 2023

TechTarget Editorial's ransomware database collects public disclosures, notifications and confirmed reports of attacks against U.S. organizations each month. Continue Reading
By
- Rob Wright, Senior News Director
Tip 28 Mar 2023
Compare breach and attack simulation vs. penetration testing

A deep dive into breach and attack simulation vs. penetration testing shows both tools prevent perimeter and data breaches. Find out how they complement each other. Continue Reading
By
- Rob Shapland
News 27 Mar 2023
Zoom launches Okta Authentication for E2EE to verify identity

Authenticated Zoom attendees will get a blue shield icon next to their participant name to give enterprises additional security during sensitive meetings. Continue Reading
By
- Arielle Waldman, News Writer
Feature 24 Mar 2023
SMS pumping attacks and how to mitigate them

Online forms that use SMS can be costly to organizations if they are vulnerable to SMS pumping attacks. Use the following methods to mitigate or prevent this fraud-based attack. Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 24 Mar 2023
vishing (voice or VoIP phishing)

Vishing (voice or VoIP phishing) is a type of cyber attack that uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities. Continue Reading
By
- Robert Sheldon
News 23 Mar 2023
More victims emerge from Fortra GoAnywhere zero-day attacks

Threat actors began exploiting a zero-day vulnerability in Fortra's GoAnywhere file sharing software in late January, victimizing several large enterprises. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 22 Mar 2023
BreachForums taken down after arrest of alleged owner

This Risk & Repeat podcast episode covers the arrest of BreachForums' alleged owner and the site's subsequent closure, as well as possible connections to the DC Health Link breach. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 20 Mar 2023
4 cloud API security best practices

APIs make up the majority of web traffic now, but they aren't always kept as secure as needed. Consider implementing these four cloud API security best practices. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 20 Mar 2023
Boost cluster security with Kubernetes vulnerability scanning

Performing vulnerability scans on Kubernetes clusters can help keep container environments secure and running smoothly. Learn what risks to look out for and compare tool options. Continue Reading
By
- Brien Posey
Definition 17 Mar 2023
bluesnarfing

Bluesnarfing is a hacking technique in which a hacker accesses a wireless device through a Bluetooth connection. Continue Reading
By
- Rahul Awati
News 17 Mar 2023
Google warns users of Samsung Exynos zero-day vulnerabilities

To prevent threat actors from exploiting the unpatched attack vectors, Google Project Zero made an exception for four Exynos chipset flaws by extending its disclosure timeline. Continue Reading
By
- Arielle Waldman, News Writer
News 16 Mar 2023
U.S. federal agency hacked via 3-year-old Telerik UI flaw

A CISA advisory said multiple threat actors recently exploited a Progress Telerik UI vulnerability, first disclosed in 2019, to breach an unnamed federal civilian agency. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Mar 2023
Secureworks IR team saw BEC attacks double in 2022

Vendor and incident response firm Secureworks referred to business email compromise, or BEC attacks, as 'the largest monetary threat to organizations.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 15 Mar 2023
quantum supremacy

Quantum supremacy is the experimental demonstration of a quantum computer's dominance and advantage over classical computers by performing calculations previously impossible at unmatched speeds. Continue Reading
By
- Kate Brush
News 15 Mar 2023
Rubrik discloses data breach, blames Fortra zero-day

The cybersecurity vendor said it is investigating a data breach after attackers exploited a zero-day vulnerability in Fortra's GoAnywhere managed file transfer software. Continue Reading
By
- Arielle Waldman, News Writer
Definition 15 Mar 2023
antivirus software (antivirus program)

Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other types of malware from computers, networks and other devices. Continue Reading
By
- Kinza Yasar, Technical Writer
- Linda Rosencrance
Podcast 15 Mar 2023
Hacker claims exposed database led to DC Health Link breach

This Risk & Repeat podcast episode covers the breach of health insurance exchange DC Health Link, as well as a hacker's claim that the breach was caused by an exposed database. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Mar 2023
Magniber ransomware actors exploiting Microsoft zero day

Magniber ransomware actors discovered a way to bypass Microsoft's remediation for a previous SmartScreen vulnerability to attack enterprises, according to Google researchers. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Mar 2023
DC Health Link confirms breach, but questions remain

While DC Health Link confirmed the breach, it is unknown how threat actors obtained the personal health data of more than 56,000 customers, including members of Congress. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 13 Mar 2023
Tech news this week: AI, decentralized apps and ransomware

AI washing, new ransomware tactics and decentralized regulation challenges populated the news this week. Continue Reading
By
- Ben Lutkevich, Site Editor
News 13 Mar 2023
GitHub SBOM updates build automation foundation

A new CLI extension and other features due to ship this month lay the groundwork to help developers make better use of software supply chain data and mitigate vulnerabilities. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 09 Mar 2023
Is ransomware declining? Not so fast, experts say

While some 2022 ransomware statistics indicate a possible 'decline' in activity, threat researchers warn there's more to the picture than the numbers suggest. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 09 Mar 2023
IceFire ransomware targets Linux, exploits IBM vulnerability

IceFire ransomware actors have shifted their attention to Linux servers and are actively exploiting a known vulnerability in IBM's Aspera Faspex file sharing software. Continue Reading
By
- Arielle Waldman, News Writer
Definition 09 Mar 2023
cyberwarfare

The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Katie Terrell Hanna
- Kevin Ferguson
News 09 Mar 2023
VulnCheck: CISA's KEV missing 42 vulnerabilities from 2022

VulnCheck said CISA's Known Exploited Vulnerabilities catalog 'cannot be treated as the authoritative catalog of exploited vulnerabilities' in its current state. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 09 Mar 2023
Flashpoint: Threat vectors converging, increasing damage

The threat intelligence vendor warned that threat actors are increasingly combining known vulnerabilities, stolen credentials and exposed data to wreak maximum damage. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 07 Mar 2023
Biden administration raises software liability questions

This Risk & Repeat podcast episode discusses the White House's National Cybersecurity Strategy and its proposal to hold technology companies liable for insecure software. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Mar 2023
Ransomware attacks ravaged big names in February

While ransomware incidents appear to be decreasing, several high-profile organizations, including Dole, Dish Network and the U.S. Marshals Service, suffered notable attacks. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 02 Mar 2023
Accurately assessing the success of zero-trust initiatives

Zero-trust preparation can be difficult. Measuring how well the model provides security and business benefits after implementation is even more difficult. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 28 Feb 2023
Rapid7: Attackers exploiting vulnerabilities 'faster than ever'

Rapid7's 2022 Vulnerability Intelligence Report analyzed how attackers' increasing speed in deploying exploits affected an onset of widespread threats in 2022. Continue Reading
By
- Arielle Waldman, News Writer
Feature 28 Feb 2023
Pig butchering scam explained: Everything you need to know

People wanting to make money on the cryptocurrency market are becoming targets for scammers. Scammers are even looking for their next victim through dating and social media apps. Continue Reading
By
- Amanda Hetler, Senior Editor
News 28 Feb 2023
U.S. Marshals Service suffers ransomware attack, data breach

Ransomware actors breached the U.S. Marshals Service earlier this month and stole sensitive information pertaining to agency investigations, though many questions remain. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Feb 2023
CrowdStrike: Threat actors shifting away from ransomware

CrowdStrike's '2023 Global Threat Report' showed a 20% increase in the number of threat actors using data theft and extortion tactics without deploying actual ransomware. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 24 Feb 2023
remote code execution (RCE)

Remote code execution (RCE) is when an attacker accesses a target computing device and makes changes remotely, no matter where the device is geographically located. Continue Reading
By
- Ben Lutkevich, Site Editor
News 22 Feb 2023
Exploitation attempts observed against Fortinet FortiNAC flaw

Hours after Horizon3.ai released a proof of concept exploit through GitHub, Shadowserver Foundation observed several IP addresses attempting to exploit the vulnerability. Continue Reading
By
- Arielle Waldman, News Writer
Definition 21 Feb 2023
mobile malware

Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches. Continue Reading
By
- Casey Meserve
News 16 Feb 2023
Google: Russia continues to set cyber sights on NATO nations

A new report from Google's Threat Analysis Group shed light on Russia's efforts to conduct malicious cyber campaigns not only against Ukraine but also NATO nations too. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Feb 2023
Ransomware actors increasingly weaponizing old vulnerabilities

A new report from Cyber Security Works shows that 76% of all ransomware-associated vulnerabilities tracked in 2022 were old flaws initially discovered between 2010 and 2019. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Feb 2023
Cisco Talos spots new MortalKombat ransomware attacks

Researchers discovered the threat campaign is also using a new GO version of malware called Laplas Clipper to steal cryptocurrency from individuals and businesses in the U.S. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 15 Feb 2023
ESXiArgs attack vector unclear as infections continue

This Risk & Repeat podcast episode discusses the recent developments involving ESXiArgs, the ransomware variant that has been infecting vulnerable VMware ESXi servers this month. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Feb 2023
Dragos: ICS/OT ransomware attacks up 87%

Ransomware attacks against industrial organizations remains a growing problem, according to ICS/OT vendor Dragos' new 'Year in Review 2022' report. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 13 Feb 2023
Namecheap email system hacked, used for phishing campaign

While the domain registrar said it was not breached directly, it did confirm its third-party email system was compromised Sunday and warned customers not to open any unauthorized emails. Continue Reading
By
- Arielle Waldman, News Writer
News 10 Feb 2023
New ESXi ransomware strain spreads, foils decryption tools

Since the onset of the widespread attacks last week, the ESXiArgs ransomware strain appears to have undergone updates that make it harder for enterprises to recover data. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2023
U.S., U.K. hit TrickBot cybercrime gang with sanctions

TrickBot malware has caused considerable damage to U.S. organizations, particularly in the healthcare industry, and was used in Conti and Ryuk ransomware attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2023
Hypervisor patching struggles exacerbate ESXiArgs attacks

Ransomware hit a high number of unpatched VMware ESXi servers by exploiting two- and three-year-old flaws, which has put hypervisor patching difficulties in the spotlight. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2023
Thousands of victims apparently hit by ESXiArgs ransomware

A joint security advisory from CISA and the FBI said the ESXiArgs ransomware campaign has claimed over 3,800 servers globally since attacks first emerged last week. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 09 Feb 2023
crypto wallet (cryptocurrency wallet)

A crypto wallet (cryptocurrency wallet) is software or hardware that enables users to store and use cryptocurrency. Continue Reading
By
- Sean Michael Kerner
News 08 Feb 2023
CISA battles ESXiArgs ransomware campaign with recovery tool

The U.S. Cybersecurity and Infrastructure Security Agency published a decryptor script intended to assist VMware customers affected by ESXiArgs ransomware. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 08 Feb 2023
ESXiArgs ransomware campaign raises concerns, questions

This Risk & Repeat podcast looks at the widespread ESXiArgs ransomware attacks and the questions they've raised about the threat landscape, vulnerability patching and more. Continue Reading
By
- Rob Wright, Senior News Director
Definition 08 Feb 2023
reverse brute-force attack

A reverse brute-force attack is a type of brute-force attack in which an attacker uses a common password against multiple usernames in an attempt to gain access to a network. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Definition 07 Feb 2023
messaging security

Messaging security is a subcategory of unified threat management, or UTM, focused on securing and protecting an organization's communication infrastructure. Continue Reading
By
- Sarah Lewis
News 06 Feb 2023
Vastaamo hacking suspect arrested in France

The suspect in the infamous cyber attack, Julius Kivimäki, is a 25-year-old Finnish man who was arrested after being remanded in absentia in October 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 06 Feb 2023
Widespread ransomware campaign targets VMware ESXi servers

The attacks exploited a two-year-old heap overflow vulnerability in VMware ESXi. Many questions remain about the scope of the campaign and the threat actor behind it. Continue Reading
By
- Arielle Waldman, News Writer
News 02 Feb 2023
Threat activity increasing around Fortinet VPN vulnerability

Following public disclosure of the critical VPN flaw in December, multiple reports show threat actors are exploiting it to target high-profile organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 02 Feb 2023
HeadCrab malware targets Redis to mine cryptocurrency

Aqua Security said the HeadCrab botnet has taken control of at least 1,200 servers via internet-facing instances of the opensource DBMS Redis and is using them for cryptomining. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 01 Feb 2023
What reverse shell attacks are and how to prevent them

Attackers use reverse shells to covertly attack an organization's environment. Discover what a reverse shell is and how to mitigate such attacks. Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 31 Jan 2023
Dridex malware

Dridex is a form of malware that targets victims' banking information, with the main goal of stealing online account credentials to gain access to their financial assets. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 31 Jan 2023
Horizon3.ai releases POC exploit for VMware vulnerabilities

Penetration testing vendor Horizon3.ai published technical details and exploit code for three new CVEs in VMware vRealize Log Insight that can be chained for remote code execution. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 24 Jan 2023
backdoor (computing)

A backdoor attack is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms. Continue Reading
By
- Ben Lutkevich, Site Editor
- Brien Posey
Tip 20 Jan 2023
How to select a security analytics platform, plus vendor options

Security analytics platforms aren't traditional SIEM systems, but rather separate platforms or a SIEM add-on. Learn more about these powerful and important tools. Continue Reading
By
- Paul Kirvan
Opinion 20 Jan 2023
6 cybersecurity buzzwords to know in 2023

Enterprise Strategy Group research indicates many organizations will increase cybersecurity spending in 2023, and with that comes an evolving set of vendor buzzwords to sort out. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 19 Jan 2023
Chainalysis: Ransomware payments down, fewer victims paying

Ransomware payments dropped significantly this past year, falling more than 40% from 2021, according to new research from blockchain analysis firm Chainalysis. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 19 Jan 2023
Heartbleed

Heartbleed was a vulnerability in some implementations of OpenSSL, an open source cryptographic library. Continue Reading
By
- Sharon Shea, Executive Editor