961 Results for:CVE

  • Sort by: 

More social engineering attacks on open source projects observed

By Alex Scroxton 15 Apr 2024

In the wake of the recent XZ Utils scare, maintainers of another open source project have come forward to say they may have experienced similar social engineering attacks Read More

Microsoft resolves Windows zero-day on January Patch Tuesday

By Tom Walat 10 Jan 2023

The company also issues five corrections, all with a rating of important, to address vulnerabilities on its on-premises Exchange Server email platform. Read More

MoveIT Transfer attacks highlight SQL injection risks

By Arielle Waldman 12 Jun 2023

Security vendors say SQL injection flaws, like the zero-day vulnerability recently disclosed by Progress Software, can be challenging for companies to identify and resolve. Read More

Risk & Repeat: Rapid Reset and the future of DDoS attacks

By Alexander Culafi 12 Oct 2023

This podcast episode covers the record-breaking DDoS attack Rapid Reset, why it stands out among other DDoS campaigns and whether it will be widely replicated in the future. Read More

75% of third-party breaches target software, IT supply chains

By Alex Scroxton 28 Feb 2024

Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors Read More

'Rapid Reset' DDoS attacks exploiting HTTP/2 vulnerability

By Alexander Culafi 10 Oct 2023

Cloudflare said the Rapid Reset DDoS attack was three times larger than the attack it had on record. Google similarly called it 'the largest DDoS attack to date.' Read More

Windows zero day patched but exploitation activity unclear

By Arielle Waldman 12 Jan 2023

Avast threat researchers detected exploitation of a Windows zero-day flaw in the wild, and organizations are being urged to patch the flaw immediately. Read More

LockBit restores servers following law enforcement takedown

By Alexander Culafi 26 Feb 2024

Law enforcement agencies last week announced a takedown of the LockBit ransomware gang that involved the seizure of servers, websites and decryption keys, as well as two arrests. Read More

Rapid7: Attackers exploiting vulnerabilities 'faster than ever'

By Arielle Waldman 28 Feb 2023

Rapid7's 2022 Vulnerability Intelligence Report analyzed how attackers' increasing speed in deploying exploits affected an onset of widespread threats in 2022. Read More

New ESXi ransomware strain spreads, foils decryption tools

By Arielle Waldman 10 Feb 2023

Since the onset of the widespread attacks last week, the ESXiArgs ransomware strain appears to have undergone updates that make it harder for enterprises to recover data. Read More