961 Results for:CVE

  • Sort by: 

Mandiant reveals new backdoors used in Barracuda ESG attacks

By Arielle Waldman 29 Aug 2023

Further investigations show threat actors were prepared for Barracuda Networks' remediation efforts, including an action notice to replace all compromised devices. Read More

LockBit locked out: Cyber community reacts

By Alex Scroxton 20 Feb 2024

Reaction to the takedown of the LockBit ransomware gang is enthusiastic, but tempered with the knowledge that cyber criminals are often remarkably resilient Read More

Citrix patches vulnerability as ransomware attacks emerge

By Rob Wright 24 Jan 2020

Citrix rolls out more patches ahead of schedule for CVE-2019-19781, a directory traversal vulnerability that affects Citrix ADC, Gateway and SD-WAN WANOP products. Read More

Clop may have been sitting on MOVEit vulnerability for two years

By Alex Scroxton 08 Jun 2023

The Clop cyber extortion gang may have been keeping the MOVEit SQL injection vulnerability they used to penetrate the systems of multiple victims secret for two years Read More

Google warns users of Samsung Exynos zero-day vulnerabilities

By Arielle Waldman 17 Mar 2023

To prevent threat actors from exploiting the unpatched attack vectors, Google Project Zero made an exception for four Exynos chipset flaws by extending its disclosure timeline. Read More

Microsoft stops two zero-days for March Patch Tuesday

By Tom Walat 14 Mar 2023

The company corrects actively exploited vulnerabilities that affected Microsoft Outlook and the Windows OS in this month's batch of security updates. Read More

Google: Spyware vendors exploiting iOS, Android zero days

By Arielle Waldman 29 Mar 2023

Recent campaigns observed by Google's Threat Analysis Group showed spyware vendors' use of zero days and known vulnerabilities pose an increasing threat. Read More

Zyxel vulnerability under 'widespread exploitation'

01 Jun 2023

Researchers warn that threat actors are widely exploiting an unauthenticated command injection vulnerability to target multiple Zyxel network devices. Read More

Chinese nation-state actor behind Barracuda ESG attacks

By Arielle Waldman 15 Jun 2023

Mandiant said the zero-day attacks on Barracuda Email Security Gateway appliances were part of a 'wide-ranging campaign in support of the People's Republic of China.' Read More

Progress Software releases patch for second MOVEit Transfer vulnerability

By Alex Scroxton 12 Jun 2023

Progress Software releases a patch for a second MOVEit Transfer issue, which was uncovered by third-party security specialist Huntress Security during post-incident code scanning Read More