961 Results for:CVE
- Sort by:
More social engineering attacks on open source projects observed
15 Apr 2024In the wake of the recent XZ Utils scare, maintainers of another open source project have come forward to say they may have experienced similar social engineering attacks Read More
Microsoft resolves Windows zero-day on January Patch Tuesday
10 Jan 2023The company also issues five corrections, all with a rating of important, to address vulnerabilities on its on-premises Exchange Server email platform. Read More
MoveIT Transfer attacks highlight SQL injection risks
12 Jun 2023Security vendors say SQL injection flaws, like the zero-day vulnerability recently disclosed by Progress Software, can be challenging for companies to identify and resolve. Read More
Risk & Repeat: Rapid Reset and the future of DDoS attacks
12 Oct 2023This podcast episode covers the record-breaking DDoS attack Rapid Reset, why it stands out among other DDoS campaigns and whether it will be widely replicated in the future. Read More
75% of third-party breaches target software, IT supply chains
28 Feb 2024Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors Read More
'Rapid Reset' DDoS attacks exploiting HTTP/2 vulnerability
10 Oct 2023Cloudflare said the Rapid Reset DDoS attack was three times larger than the attack it had on record. Google similarly called it 'the largest DDoS attack to date.' Read More
Windows zero day patched but exploitation activity unclear
12 Jan 2023Avast threat researchers detected exploitation of a Windows zero-day flaw in the wild, and organizations are being urged to patch the flaw immediately. Read More
LockBit restores servers following law enforcement takedown
26 Feb 2024Law enforcement agencies last week announced a takedown of the LockBit ransomware gang that involved the seizure of servers, websites and decryption keys, as well as two arrests. Read More
Rapid7: Attackers exploiting vulnerabilities 'faster than ever'
28 Feb 2023Rapid7's 2022 Vulnerability Intelligence Report analyzed how attackers' increasing speed in deploying exploits affected an onset of widespread threats in 2022. Read More
New ESXi ransomware strain spreads, foils decryption tools
10 Feb 2023Since the onset of the widespread attacks last week, the ESXiArgs ransomware strain appears to have undergone updates that make it harder for enterprises to recover data. Read More