CISA warns of active exploits hitting popular CI/CD tool Jenkins

Researchers at CloudSEK and Juniper Networks said a ransomware group targeted Brontoo Technology Solutions by exploiting the critical CVE. The attack disrupted banks in India.

By Matt Kapko • Aug. 20, 2024

SolarWinds Web Help Desk CVE scores a 9.8

SolarWinds urged customers to patch the vulnerability that could allow an attacker to run commands on a host machine, while CISA added the CVE to its KEV catalog.

By David Jones • Aug. 16, 2024

Microsoft Windows CVE triggers blue screen of death, researchers find

Researchers from Fortra on Monday disclosed the flaw in the common log file system, which can lead to repeated crashes and potential data loss. 

By David Jones • Updated Aug. 13, 2024

Attackers target legacy Cisco Smart Install features

Thousands of Cisco Smart Install IPs remain exposed to the internet as CISA warns that organizations are still employing weak passwords.

By David Jones • Aug. 12, 2024

CrowdStrike pursuing deal to buy patch management specialist Action1

The security firm is still working to overhaul its internal software development practices following the July 19 global IT outage involving millions of Microsoft Windows devices.

By David Jones • Aug. 9, 2024

CrowdStrike outage renews supply chain concerns, federal officials say

The White House and the U.S. Government Accountability Office are raising questions about the resilience of the software supply chain and memory safety vulnerabilities.

By David Jones • Aug. 2, 2024

Nearly 1 in 3 software development professionals unaware of secure practices

The knowledge gap, identified in a Linux Foundation report, comes as malicious hackers increasingly target critical vulnerabilities.

By David Jones • July 16, 2024

CISA calls for elimination of OS command injection vulnerabilities

Threat groups target vulnerabilities in widely used network devices. CISA’s latest advisory urges software makers to eliminate them at the source.

By Matt Kapko • July 11, 2024

MOVEit legal liabilities, expenses pile up for Progress Software

The prospective financial hit from a widely exploited vulnerability in the file-transfer service is growing. Progress confronts lawsuits, regulator scrutiny and government investigations.

By Matt Kapko • July 10, 2024

Microsoft warns of elevated risk in Rockwell Automation PanelView Plus CVEs

Microsoft researchers warn the vulnerabilities can be exploited, potentially resulting in remote code execution and denial of service.

By David Jones • July 3, 2024

Cisco Nexus devices zero day raises alarms despite CVSS score

Though the NX-OS CVE only has a 6.0 score, a suspected espionage actor is deploying custom malware to exploit a command injection vulnerability in a range of switching devices.

By David Jones • July 2, 2024

700,000 OpenSSH servers vulnerable to remote code execution CVE

The newly discovered vulnerability can be exploited by attackers to gain unauthenticated remote code execution with root privileges, Qualys researchers said.

By Matt Kapko • July 1, 2024

Memory-unsafe code runs rampant in critical open-source projects

CISA and the FBI are part of an international effort to eliminate memory-unsafe languages which were found in more than half of critical open-source projects.

By David Jones • June 27, 2024

Progress discloses more MOVEit CVEs, one year after 2023’s fiasco

The enterprise software vendor and researchers have not observed active exploitation, but attempts are underway. Concerns are amplified by a spree of attacks that hit MOVEit last year.

By Matt Kapko • Updated June 27, 2024

Cloud security becoming top priority for companies worldwide

Application sprawl and the sensitive nature of the data organizations place in the cloud is complicating security, Thales found.

By David Jones • June 25, 2024

Nearly 150,000 ASUS routers potentially exposed to critical vulnerability

Researchers said the CVE, which has a CVSS score of 9.8, raises additional concerns about the security of edge, small office and home office devices.

By David Jones • June 21, 2024

TellYouThePass ransomware widely targets vulnerable PHP instances

CISA added the CVE to its known exploited vulnerabilities catalog, but so far most of the infected hosts have been observed in China.

By David Jones • June 14, 2024

Microsoft president promises significant culture changes geared towards security

Brad Smith detailed plans to tie compensation to security, as lawmakers raised new questions about the company’s commitment to transparency.

By David Jones • June 14, 2024

Rust Foundation leads the charge to improve critical systems security

The foundation is standing up a consortium to boost the responsible use of the programming language at a time of heightened security risks.

By David Jones • June 12, 2024

SolarWinds file-transfer vulnerability ripe for exploitation, researchers warn

Rapid7 researchers said Serv-U CVE can easily be exploited, a similar scenario that has led to other smash-and-grab attacks.

By David Jones • June 12, 2024

Critical PHP CVE is under attack — research shows it’s easy to exploit

Researchers warn they are seeing thousands of attacks against various targets, including financial services and healthcare, in the U.S. and other countries. 

By David Jones • June 11, 2024

Cyber risk is rising for poorly configured OT devices

Since late last year, researchers have identified more politically motivated groups targeting water and other key critical infrastructure systems.

By David Jones • June 3, 2024

Securing your call centers: Best practices for cybersecurity protection

All call centers face cybersecurity threats because they handle information like credit card numbers, health records, and personal purchase history. However, call centers that support federal agencies have the added risk of handling highly sensitive information, making them prime targets for cybercriminals.

By Jerry Dotson, Vice President of Public Sector, Avaya • June 3, 2024

Check Point Software VPN exploitation risk greater than previously stated: researchers

An attacker can move laterally and gain far more access to files than previously disclosed, researchers warn. Threat activity has been traced back to April.

By David Jones • May 31, 2024

NIST has a plan to clear the vulnerability analysis backlog

The Cybersecurity and Infrastructure Security Agency and government contractor Analygence will help clear the National Vulnerability Database backlog.

By Matt Kapko • May 31, 2024