Rust Foundation leads the charge to improve critical systems security

The foundation is standing up a consortium to boost the responsible use of the programming language at a time of heightened security risks.

By David Jones • June 12, 2024

SolarWinds file-transfer vulnerability ripe for exploitation, researchers warn

Rapid7 researchers said Serv-U CVE can easily be exploited, a similar scenario that has led to other smash-and-grab attacks.

By David Jones • June 12, 2024

Critical PHP CVE is under attack — research shows it’s easy to exploit

Researchers warn they are seeing thousands of attacks against various targets, including financial services and healthcare, in the U.S. and other countries. 

By David Jones • June 11, 2024

Cyber risk is rising for poorly configured OT devices

Since late last year, researchers have identified more politically motivated groups targeting water and other key critical infrastructure systems.

By David Jones • June 3, 2024

Securing your call centers: Best practices for cybersecurity protection

All call centers face cybersecurity threats because they handle information like credit card numbers, health records, and personal purchase history. However, call centers that support federal agencies have the added risk of handling highly sensitive information, making them prime targets for cybercriminals.

By Jerry Dotson, Vice President of Public Sector, Avaya • June 3, 2024

Check Point Software VPN exploitation risk greater than previously stated: researchers

An attacker can move laterally and gain far more access to files than previously disclosed, researchers warn. Threat activity has been traced back to April.

By David Jones • May 31, 2024

NIST has a plan to clear the vulnerability analysis backlog

The Cybersecurity and Infrastructure Security Agency and government contractor Analygence will help clear the National Vulnerability Database backlog.

By Matt Kapko • May 31, 2024

Check Point Software links newly identified CVE to VPN attacks

The company is now mandating customers download a hotfix designed to prevent attackers from gaining access.

By David Jones • May 29, 2024

Critical CVEs are going under-analyzed as NIST falls behind

NIST has analyzed less than 1 in 10 vulnerabilities added to the National Vulnerability Database since mid-February, according to VulnCheck research.

By Matt Kapko • May 28, 2024

Check Point Software customers targeted by hackers using old, local VPN accounts

The incidents mark the latest attempts to compromise organizations by exploiting vulnerable edge devices used for remote access.

By David Jones • May 28, 2024

Remote-access tools the intrusion point to blame for most ransomware attacks

Self-managed VPNs from Cisco and Citrix were 11 times more likely to be linked to a ransomware attack last year, At-Bay research found.

By Matt Kapko • May 16, 2024

Black Basta ransomware is toying with critical infrastructure providers, authorities say

The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors.  Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.

By David Jones • May 13, 2024

Generative AI is a looming cybersecurity threat

Researchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention. 

By Jen A. Miller , Naomi Eide • May 8, 2024

China-linked attackers are successfully targeting network security devices, worrying officials

Espionage groups linked to China are heavily exploiting zero days, focusing on devices that lack endpoint detection and response capabilities, one expert said.

By Matt Kapko • May 7, 2024

CISA, FBI urge software companies to eliminate directory traversal vulnerabilities

The software defects are linked to recent exploitation campaigns against critical infrastructure providers, including healthcare and schools. 

By David Jones • May 7, 2024

5 considerations for securing your software supply chain

Do you know what’s in your code? These five considerations should help you drive your security activities and identify weak points in your software supply chain.

By Mike McGuire, Sr. Software Solution Manager, Synopsys • May 6, 2024

CISA warned 1,750 organizations of ransomware vulnerabilities last year. Only half took action.

More than half of CISA's ransomware vulnerability warning pilot alerts were sent to government facilities, healthcare and public health organizations.

By Matt Kapko • May 1, 2024

CVE exploitation nearly tripled in 2023, Verizon finds

Threat actors are going after critical security flaws in widely used applications, but human error is still at the root of business security woes.

By David Jones • May 1, 2024

Cactus ransomware targets a handful of Qlik Sense CVEs

Security researchers warn the threat group is ramping up exploitation of previously disclosed flaws in the cloud platform.

By David Jones • April 29, 2024

What to do when your team is struggling to manage too many application security vendors

A good ASPM solution will correlate and analyze data from a variety of sources, allow you to administer and orchestrate security tools, and automate your security policies.

April 29, 2024

Cisco devices again targeted by state-linked threat campaign

The campaign, dubbed ArcaneDoor, dates back to late 2023 and is targeting perimeter network devices from Cisco — and potentially other companies.

By David Jones • April 25, 2024

Zero-day exploits hit CrushFTP, researchers expect rapid exploitation

CrushFTP CEO Ben Spink said the company isn’t aware of any data theft thus far, but researchers see echoes of MOVEit exploits and other high-profile file-transfer vulnerabilities.

By Matt Kapko • April 24, 2024

Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg

State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.

By David Jones • April 24, 2024

Enterprises are getting better at detecting security incidents

Google Cloud’s Mandiant saw significant improvements in how organizations track down threats, yet hackers are still abusing common threat vectors.

By David Jones • April 23, 2024

Palo Alto Networks quibbles over impact of exploited, compromised firewalls

The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.

By Matt Kapko • April 23, 2024