Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.
Cisco is warning that nine significant vulnerabilities in its Small Business Series Switches could enable unauthenticated remote attackers to cause a denial-of-service condition or execute arbitrary code with root privileges on affected devices. The vulnerabilities are caused by improper validation of requests sent to the switches’ web interfaces, the company said. While the Cisco Product…
A SQL injection is an attack on a website’s back end. Discover how to protect your website and its database from SQL injection attacks.
Update: In a statement on the extent of the data breach disclosed last month, Western Digital said it has control of its digital certificate infrastructure and is “equipped to revoke certificates as needed.” “Regarding reports of the potential to fraudulently use digital signing technology allegedly attributed to Western Digital in consumer products, we can confirm…
Microsoft’s Patch Tuesday for May 2023 fixes two actively exploited vulnerabilities, including a Secure Boot bypass and system-level takeover.
GPT-4 has many of ChatGPT’s malicious capabilities, in some cases even enhancing them.
Development teams are exposing critical data and secrets online. Here’s what to do about it.
In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away. In a recent Mastodon post, security expert Kevin Beaumont observed, “Microsoft are still digitally signing malware…
Compression is a great way for hackers to hide malware and render it undetectable. Here’s what to do about that.
Microsoft’s Patch Tuesday for April 2023 targets 97 vulnerabilities, seven of them rated critical – as well as one that’s currently being exploited in the wild. The one flaw that’s currently being exploited, CVE-2023-28252, is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver that could provide an attacker with…
Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. Ransomware is the most feared cybersecurity threat and with good reason: Its ability to cripple organizations by locking their data is a threat like no other. Knowing what…