A ransomware family targeting individual computer users is using a zero-day Windows bug to infect users, ANALYGENCE senior vulnerability analyst Will Dormann has found. HP Wolf Security researchers recently published…
Security researcher Alvaro Muñoz recently warned of a critical vulnerability in versions 1.5 through 1.9 of Apache Commons Text. The flaw, dubbed “Text4Shell” and identified as CVE-2022-42889, can enable remote…
SafeBreach Labs researchers recently uncovered a new fully undetectable (FUD) PowerShell backdoor that uses a novel approach to disguise itself as part of the Windows update process. “The covert self-developed…
The vast majority of cybersecurity decision makers – 91 percent, in fact – find it difficult to select security products due to unclear marketing, according to the results of a…
Microsoft’s October 2022 Patch Tuesday includes security updates that fix well over 80 vulnerabilities in more than 50 different parts of its product range – but the ProxyNotShell flaws in…
A series of distributed denial of service (DDoS) attacks today briefly took down the websites of over a dozen U.S. airports, including those for Atlanta and Los Angeles International Airports.…
In a case that ups the stakes for CSOs dealing with data breaches, former Uber chief security officer Joe Sullivan was found guilty by a federal jury earlier this week…
DCSO CyTec researchers Johann Aydinbas and Axel Wauer are warning of new backdoor malware they’re calling “Maggie,” which targets Microsoft SQL servers. Maggie, the researchers say, has already affected at…
After Microsoft published guidance on mitigating the two remote code execution flaws uncovered last week by Vietnamese security firm GTSC, it seems the mitigations Microsoft suggested weren’t as effective as…
Vietnamese security firm GTSC published a blog post this week warning of a new zero-day remote code execution (RCE) flaw in Microsoft Exchange Server, which it said has been actively…
Subscribe to Cybersecurity Insider for top news, trends & analysis