Cisco’s critical IOS XE software zero day is a ‘bad situation’

Researchers from VulnCheck said they have found thousands of implanted hosts.

By David Jones • Oct. 17, 2023

Critical Atlassian Confluence CVE under exploit by prolific state-linked actor

Microsoft researchers warn a threat actor with ties to China has been exploiting the vulnerability since mid-September.

By David Jones • Oct. 13, 2023

Microsoft tops CISA’s list of exploited CVEs used in ransomware attacks

CISA updated its Known Exploited Vulnerabilities Catalog to alert organizations to CVEs linked to ransomware.

By Matt Kapko • Oct. 13, 2023

Federal agencies press OT/ICS providers on open-source security

The U.S. is scrutinizing the security of critical infrastructure providers, which are becoming more dependent on connected infrastructure.

By David Jones • Oct. 12, 2023

Curl CVE has security community on edge as patch drops

The widely used tool has a vulnerability that can be exploited to cause a heap-based buffer overflow issue.

By David Jones • Oct. 11, 2023

CISA urges security upgrades as DDoS continues to target Rapid Reset zero day

Microsoft released guidance on mitigation steps, while F5 warned about denial of service attack risk against Nginx Open Source.

By David Jones • Oct. 11, 2023

Cloud giants sound alarm on record-breaking DDoS attacks

Google, AWS and Cloudflare warned the HTTP/2 Rapid Reset attacks are beyond anything ever recorded. 

By David Jones • Oct. 10, 2023

Multiple exploits hit Progress Software’s WS_FTP Server

A Progress spokesperson criticized unnamed third parties for releasing a proof of concept that "provided threat actors a roadmap on how to exploit the vulnerabilities."

By Matt Kapko • Oct. 3, 2023

Progress Software discloses 8 vulnerabilities in one of its other file-transfer services

The company behind the beleaguered MOVEit service has another vulnerable tool — WS_FTP Server. While there are no known exploits, two of the CVEs are critical.

By Matt Kapko • Sept. 29, 2023

CISA urges use of memory safe code in software development

Unsafe programming languages, like C and C++, account for more than 70% of security vulnerabilities. 

By David Jones • Sept. 22, 2023

White House, federal cyber leaders pledge renewed support for open source security

CISA released a roadmap for open source software security as industry officials convened to map out additional steps to protect federal agencies and the larger ecosystem.

By David Jones • Sept. 13, 2023

High-profile CVEs turn up in vulnerability exploit sales

Flashpoint observed 27 vulnerability exploits listed for sale or purchased on the dark web during the first half of the year. One-third were linked to Microsoft products.

By Matt Kapko • Sept. 12, 2023

Cisco BroadWorks vulnerability snags highest CVSS score

There are no workarounds for the vulnerability, which could expose confidential data if exploited by a threat actor with forged administrative access.

By Matt Kapko • Sept. 11, 2023

Barracuda patch bypassed by novel malware from China-linked threat group

Mandiant uncovered a months-long cyber espionage campaign targeting high value government entities and technology firms in the U.S. and abroad.

By David Jones • Sept. 1, 2023

Software industry urged to assume risk on open source security

The Open Source Security Foundation called on commercial and non-commercial organizations that use open source software components to adopt better security practices.

By David Jones • Aug. 25, 2023

Barracuda ESG zero-day exploit still under way after patches fail

The FBI said users need to isolate and replace affected appliances as threat actors continue to target the remote command injection vulnerability.

By David Jones • Aug. 24, 2023

Cuba ransomware group exploits Veeam to hit critical infrastructure

The threat actor also used malicious tools from previous campaigns, according to BlackBerry research.

By Matt Kapko • Aug. 21, 2023

White House wants input on open source security, memory-safe languages

Federal agencies put out a request for information Thursday, building on Biden administration priorities to help secure open source post-Log4j.

By David Jones • Aug. 11, 2023

Inside the most-commonly exploited CVEs of 2022

Delayed patching and unmet secure-by-design principles are aggravating the risk of compromise, the Five Eyes warned Thursday.

By Matt Kapko • Aug. 4, 2023

Tenable CEO calls out Microsoft delay on months-old Azure vulnerability

Microsoft has been dragging its feet to fully resolve the issue more than four months after it was discovered, CEO Amit Yoran said.

By David Jones • Aug. 3, 2023

Businesses improved cyber incident response times following Log4j, report finds

An Immersive Labs study showed security teams improved response times during attacks, but post-incident recovery still lagged.

By David Jones • Aug. 2, 2023

Valid account credentials are behind most cyber intrusions, CISA finds

The success rate of these techniques underscores the staying power of the most common methods threat actors use to gain initial access to targeted systems.

By Matt Kapko • July 28, 2023

Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products

Authorities and researchers warn that attackers could exploit the vulnerabilities for remote takeover and potentially destructive activity.

By David Jones • July 14, 2023

MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims

The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.

By Matt Kapko • July 14, 2023

RomCom uses Word documents in new phishing campaign, Microsoft warns

The hackers are known to use trojanized versions of legitimate software from Adobe, SolarWinds, KeePass and others.

By David Jones • July 12, 2023