Threats

Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.

  • Cisco Warns of Multiple Flaws in Small Business Series Switches

    Cisco is warning that nine significant vulnerabilities in its Small Business Series Switches could enable unauthenticated remote attackers to cause a denial-of-service condition or execute arbitrary code with root privileges on affected devices. The vulnerabilities are caused by improper validation of requests sent to the switches’ web interfaces, the company said. While the Cisco Product…

  • How to Prevent SQL Injection: 5 Key Prevention Methods

    A SQL injection is an attack on a website’s back end. Discover how to protect your website and its database from SQL injection attacks.

  • Western Digital Cyber Attack a ‘Wake Up Call for ASIC Vendors’

    Update: In a statement on the extent of the data breach disclosed last month, Western Digital said it has control of its digital certificate infrastructure and is “equipped to revoke certificates as needed.” “Regarding reports of the potential to fraudulently use digital signing technology allegedly attributed to Western Digital in consumer products, we can confirm…

  • Microsoft Flaws Include Secure Boot Bypass, System-Level Takeovers

    Microsoft’s Patch Tuesday for May 2023 fixes two actively exploited vulnerabilities, including a Secure Boot bypass and system-level takeover.

  • ChatGPT Security and Privacy Issues Remain in GPT-4

    GPT-4 has many of ChatGPT’s malicious capabilities, in some cases even enhancing them.

  • Misconfigured Registries: Security Researchers Find 250 Million Artifacts Exposed

    Development teams are exposing critical data and secrets online. Here’s what to do about it.

  • Attackers Continue to Leverage Signed Microsoft Drivers

    In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away. In a recent Mastodon post, security expert Kevin Beaumont observed, “Microsoft are still digitally signing malware…

  • How UPX Compression Is Used to Evade Detection Tools

    Compression is a great way for hackers to hide malware and render it undetectable. Here’s what to do about that.

  • Windows CLFS Vulnerability Used for Ransomware Attacks

    Microsoft’s Patch Tuesday for April 2023 targets 97 vulnerabilities, seven of them rated critical – as well as one that’s currently being exploited in the wild. The one flaw that’s currently being exploited, CVE-2023-28252, is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver that could provide an attacker with…

  • What is Ransomware? Everything You Should Know

    Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. Ransomware is the most feared cybersecurity threat and with good reason: Its ability to cripple organizations by locking their data is a threat like no other. Knowing what…

Get the free newsletter

Subscribe to Cybersecurity Insider for top news, trends & analysis

This field is required This field is required

IT Security Resources

Top Cybersecurity Companies

See Full List